Techdirt. Stories filed under "oversight"Easily digestible tech news...https://www.techdirt.com/
en-usTechdirt. Stories filed under "oversight"https://ii.techdirt.com/s/t/i/td-88x31.gifhttps://www.techdirt.com/Thu, 8 Feb 2018 10:40:00 PSTThe Nunes Memo Has Effectively Destroyed Intelligence OversightTim Cushinghttps://www.techdirt.com/articles/20180207/17320639187/nunes-memo-has-effectively-destroyed-intelligence-oversight.shtml
https://www.techdirt.com/articles/20180207/17320639187/nunes-memo-has-effectively-destroyed-intelligence-oversight.shtml
The Nunes Memo, capitalized to give it far more gravitas that it actually possesses, was released late last week to mixed reviews. Nunes had built it up to be a mind-blowing damnation of a politically corrupt Federal Bureau of Investigation, more interested in destroying Trump than performing its appointed duties. The memo showed the FBI had relied on questionable evidence from the Steele dossier while securing FISA warrants to surveill former Trump adviser Carter Page. This memo was composed by the House intelligence oversight head -- one who had rarely expressed concern about domestic surveillance prior to investigations of Trump officials.

The memo showed the basis for the warrants may have been thin, but it didn't show it was nonexistent. In fact, the underlying warrants actually did inform the FISA court about the political background of Christopher Steele and his dossier. Nunes didn't know this because Nunes hadn't actually read the warrants. When he was finally apprised of this contradiction, he claimed the FBI disclosure didn't count because the disclosure was contained in a footnote.

The memo's release has had some serious side effects, however. But it will be Congressional oversight taking the damage, rather than the FBI. The memo's release showed the dumping of sensitive, classified info could be motivated by political whims, rather than as the result of a thoughtful, deliberative process. It showed oversight committee members were willing to jeopardize law enforcement sources and methods to score political points -- ironically the same claim Nunes was making about the FBI's motivations.

The damage will also be felt -- indirectly -- by the American public. Intelligence oversight is supposed to protect Americans from surveillance abuses. With this move, Nunes has destroyed its credibility, as Julian Sanchez points out.

It will be hard for anyone who has read the Nunes memo to regard the committee’s output as nonpartisan now. And by crying wolf about intelligence abuses with no serious evidence, Nunes and his enablers have made it far easier for America’s spy agencies to dismiss any future allegations, however meritorious, as yet another self-serving partisan distraction: at best, baseless conspiracy theorizing; at worst, an effort to obstruct legitimate investigations.

And that may not even be the worst of it. As Sanchez notes, the effectiveness of intelligence oversight will be blunted further. It's already mostly ineffective. Now, it may be completely broken.

[T]he committees are ultimately dependent on the intelligence community itself to direct their attention to areas that demand further scrutiny—whether in the form of official briefers, or whistleblowers who approach members with their concerns. Neither type is likely to repose much confidence in a committee that seems so enthusiastic to make a partisan circus of its grave task.

If the end game was to stop whistleblowing and give the nation's surveillance apparatus even more autonomy, well… mission accomplished. What was merely "dysfunctional" (according to the 9/11 Commission) will now be utterly useless.

And in the end, it won't matter to those who went along with Nunes' plan to own the libs (FBI Edition). For most committee members, intelligence oversight is a do-nearly-nothing job with zero political payoff. When things are fixed or further broken, the public is rarely informed. The few times the public is apprised of changes, it's handled obliquely with as many redactions as possible. Home state constituents waiting for their bridge to nowhere / vanity airport aren't going to be pouring funds into the re-election hoppers based on some shadowy, poorly-explained intelligence reforms. Everyone involved -- the overseers and the overseen -- would prefer as little interaction with each other as possible. By showing the House Oversight Committee is not above playing political football with FISA warrants, Nunes has virtually guaranteed the committee will be left alone.

Permalink | Comments | Email This Story
]]>WTGhttps://www.techdirt.com/comment_rss.php?sid=20180207/17320639187Mon, 22 Jan 2018 12:00:06 PSTSpending Bill Would Give Administration Direct Control Of Surveillance SpendingTim Cushinghttps://www.techdirt.com/articles/20180119/14212239045/spending-bill-would-give-administration-direct-control-surveillance-spending.shtml
https://www.techdirt.com/articles/20180119/14212239045/spending-bill-would-give-administration-direct-control-surveillance-spending.shtml
We've been given six more years of Section 702 collections, thanks to many, many Congressional representatives who just couldn't find it in their hearts to tell the dear old NSA "No." An extension was granted to push the "debate" into 2018, but there was no debate to be had. Instead, oversight committees on both sides of the Congressional aisle used this time to push out zero-reform renewal packages that actually made Section 702 worse.

After a brief, two-week consideration of opposing views, things moved ahead as though the program had never been abused by the NSA and had never "inadvertently" swept up US persons' communications without a warrant. The same politicians who complained about the NSA's power being in the hands of Donald Trump were the ones who voted for the passage of "reform" bills increasing the agency's reach and grasp.

Now, Congressional reps are granting the Trump Administration even greater control of US spy powers. The House spending bill contains an alteration to the language covering the Intelligence Community's use of federal funds. The funding of surveillance programs is already secret. The NSA's infamous "black budget" makes it impossible for citizens to see how -- and how much -- money is being spent spying on the world.

But the book isn't closed to everybody. If the agency or the administration wants to shift funding around, it must first inform Congress. This theoretically gives Congress veto power on spending changes Congress hasn't pre-approved. The disclosures are, of course, done in secret and there's no way to know how often Congress blocks spending changes, but at least it's some form of oversight. That will no longer be the case if the spending bill is approved, as Ryan Grim reports for The Intercept.

The House spending bill released Wednesday would allow President Donald Trump, or people under him, to secretly shift money to fund intelligence programs, a break with 70 years of governing tradition.

Since 1947, section 504 of the National Security Act has mandated that the administration inform Congress if it intends to shift money from one intelligence project to another, if the new project has not been authorized by Congress. That notification can be — and almost always is — done in secret, but it is at least a minimal check on executive power.

The spending bill currently under consideration, known as a continuing resolution, or CR, breaks with that tradition, allowing funds to “be obligated and expended notwithstanding section 504(a)(1) of the National Security Act of 1947.”

This would make the entire "black budget" discretionary, overseen only by the people moving the money around. Congressional control of agency budgets would become a historical artifact, something long-term reps could gaze back at nostalgically as what's left of Intelligence Community oversight crumbles into nonexistence.

Permalink | Comments | Email This Story
]]>Congress-votes-to-cut-itself-out-as-spending-middlemanhttps://www.techdirt.com/comment_rss.php?sid=20180119/14212239045Thu, 28 Dec 2017 06:23:00 PSTNew York State Eyes Its Own Net Neutrality LawKarl Bodehttps://www.techdirt.com/articles/20171226/10390638883/new-york-state-eyes-own-net-neutrality-law.shtml
https://www.techdirt.com/articles/20171226/10390638883/new-york-state-eyes-own-net-neutrality-law.shtml
Numerous states say they'll be crafting their own net neutrality protections in the wake of the FCC's recent vote to dismantle the rules. ISPs of course predicted this, which is why Comcast and Verizon successfully lobbied the FCC to include provisions in its "Restoring Internet Freedom" order that bans states from protecting consumers from privacy and net neutrality violations, or other bad behavior by incumbent ISPs. In ISP lobbying land, stopping states from writing protectionist law is an assault on "states rights," but when states actually try to help consumers you'll note the concern for states rights magically disappears.

Regardless, New York State, California and Washington have all indicated that they will attempt to test the FCC's state preemption authority on this front in the new year by crafting their own net neutrality legislation. You'll recall that the FCC already had its wrist slapped by the courts for over-reach when it tried to preempt states from passing anti-community broadband laws, quite literally written by large ISPs, intended to hamstring creative solutions (including public/private partnerships) for the telecom industry's broadband competition logjam.

But even if the FCC wins this new legal fight over state authority, folks like New York Assemblymember Patricia Fahy argue there's numerous steps states and cities can take to protect consumers on the net neutrality front without running afoul of the FCC's order. The text of her proposal (pdf) includes numerous proposals, including refusing to do business with companies that repeatedly violate net neutrality:

"If you are going to be a contractor and want to work with New York, then you must meet the principles,” Fahy tells Fast Company. She hopes that this approach will get around a roadblock known as preemption. The Constitution generally gives the federal government final authority over commercial activities that cross state lines. But while New York can’t require ISPs to uphold net neutrality, it can use its “power of the purse” to punish ISPs that don’t.

"There’s a decent amount of precedent for saying, if you want a state contract, you have to meet such and such requirements,” she says, noting construction contracts contingent on certain labor practices or the use of U.S.-made steel."

Again we'll see how this all pans out in the new year. States will likely face the same problem as the federal government did when trying to define net neutrality violations amidst a sea of ISP lobbying influence. Regardless, the FCC's battles with the states will be just one part of a cavalcade of lawsuits filed against the FCC in the new year for over-stepping its authority, ignoring the public, and rushing through what's potentially the least-popular decision in tech-policy history.

This same sequence of events played out earlier this year when the GOP and Trump administration rushed to kill consumer broadband privacy protections, resulting in numerous states attempting to create their own broadband privacy laws. And while Comcast, Verizon and AT&T lobbyists like to whine that states are wreaking havoc by creating discordant, inconsistent consumer protections, they tend to ignore the fact that this wouldn't be happening if they hadn't spent millions of dollars gutting popular, over-arching protections on the federal level.

Permalink | Comments | Email This Story
]]>looming-legal-fisticuffshttps://www.techdirt.com/comment_rss.php?sid=20171226/10390638883Tue, 5 Dec 2017 06:26:00 PSTAjit Pai Doesn't Want You Talking About Court Ruling That Undermines His Bogus Claim That The FTC Will Protect ConsumersKarl Bodehttps://www.techdirt.com/articles/20171204/10345738737/ajit-pai-doesnt-want-you-talking-about-court-ruling-that-undermines-his-bogus-claim-that-ftc-will-protect-consumers.shtml
https://www.techdirt.com/articles/20171204/10345738737/ajit-pai-doesnt-want-you-talking-about-court-ruling-that-undermines-his-bogus-claim-that-ftc-will-protect-consumers.shtml
We've noted a few times how the attack on net neutrality and consumer broadband privacy protections are just a small part of a massive lobbyist attempt to remove nearly all oversight of one of the least-competitive and least liked business sectors in America. Industry lobbyists (and the lawmakers and policy folk paid to love them) have made it abundantly clear that the goal is to gut FCC authority over broadband ISPs, then shovel any remaining, piddly authority to an FTC that's not only ill-equipped to handle it, but is currently engaged in a lawsuit with AT&T that could dismantle its authority over large ISPs entirely.

That FTC lawsuit was filed against AT&T after the company lied about throttling its wireless customers as part of an effort to drive unlimited customers to more expensive plans. Lower courts sided with AT&T's creative argument that the very Title II common carrier FCC classification AT&T has been fighting tooth and nail against on the net neutrality front --
exempted it from the FTC's jurisdiction. Last year, the FTC argued that should this ruling stand, it could let any company with a common carrier component (inhereted or acquired) dodge FTC oversight:

"The panel’s ruling creates an enforcement gap that would leave no federal agency able to protect millions of consumers across the country from unfair or deceptive practices or obtain redress on their behalf. Many companies provide both common-carrier and non-common-carrier services—not just telephone companies like AT&T, but also cable companies like Comcast, technology companies like Google, and energy companies like ExxonMobil (which operate common carrier oil pipelines). Companies that are not common carriers today may gain that status by offering new services or through corporate acquisitions. For example, AOL and Yahoo, which are not common carriers, are (or soon will be) owned by Verizon. The panel’s ruling calls into question the FTC’s ability to protect consumers from unlawful practices by such companies in any of their lines of business."

So again, that's the FTC warning that the AT&T court case could leave it rudderless in any attempt to protect consumers. Odd, given that Ajit Pai and his FCC staffers have been promising everyone that the FTC (which was already under-funded, over-extended, and lacked rulemaking capabilities) was the superior option when it comes to protecting consumers and competition (you can hear former FCC boss Tom Wheeler talk about how this promise is bunk here).

Fast forward to this week. Seeing an opportunity to highlight this blatant gift to the telecom sector, a coalition of 40 consumer advocacy and digital rights groups (as well as New York City) are hoping to use AT&T's legal fight with the FTC as a good reason to delay the FCC's December 14 vote to kill net neutrality. The coalition sent a a letter (pdf) to FCC boss Ajit Pai, arguing that it's irresponsible to plan a wholesale dismantling of net neutrality when one of Pai's central justifications for it (that the FTC will rush in and fill the enforcement gap) may be entirely untenable:

"Rushing to a vote before the Ninth Circuit resolves this decision cavalierly risks the purported safeguards that you and other supporters of the Draft Order have repeatedly declared will protect consumers from abusive or anti-competitive practices. Astoundingly, after committing the entire future of consumer protection from broadband access providers to the FTC, the Draft Order cavalierly dismisses the ongoing litigation that deprived the FTC of any jurisdiction to carry out the job[...] The question that should concern the Commission is whether or not the en banc panel will likewise deprive the FTC of jurisdiction over broadband access providers."

While an excellent point, this isn't likely to sway the FCC's thinking because, again, weakening FCC and FTC authority is the entire point and is exactly what large ISP lobbyists have been gunning for. Companies like Comcast, AT&T and Verizon would obviously prefer it if neither the FCC nor FTC had the authority to actually protect consumers from abuse of a lack of competition in the sector. Granted, if sound logic and compelling points could make the FCC backtrack from its extremely unpopular attack on net neutrality, Ajit Pai and friends would have retreated from this myopic assault months ago.

"This is just evidence that supporters of heavy-handed Internet regulations are becoming more desperate by the day as their effort to defeat Chairman Pai's plan to restore Internet freedom has stalled. The vote will proceed as scheduled on December 14."

What happens next? Once the FTC and FCC are left rudderless, ISPs have made it clear that they want the FCC to slap down any states that get any funny ideas about policing anti-competitive behavior in the sector, whether that comes in the form of net neutrality violations or privacy abuses. FCC staffers have made it equally clear that they're happy to oblige. Again, this all ends with little to no ability to protect consumers and competition from AT&T, Verizon or Comcast's monopoly strangleholds over the last mile at any level. That might be ok if the government fixed the sector's competition problems first, but Ajit Pai's FCC has made it abundantly clear that trying to hide the sector's competition problems (a prime symptom of regulatory capture) is going to take top priority.

Permalink | Comments | Email This Story
]]>who's-desperate-nowhttps://www.techdirt.com/comment_rss.php?sid=20171204/10345738737Fri, 8 Sep 2017 16:14:41 PDTIntelligence Oversight Committees Are Being Stocked With Former Intelligence Agency EmployeesTim Cushinghttps://www.techdirt.com/articles/20170907/11175238166/intelligence-oversight-committees-are-being-stocked-with-former-intelligence-agency-employees.shtml
https://www.techdirt.com/articles/20170907/11175238166/intelligence-oversight-committees-are-being-stocked-with-former-intelligence-agency-employees.shtml
RESOLVED: this nation's intelligence oversight is indisputably useless. It's about 99% joke and 1% Ron Wyden dog-whistle questions that go unanswered for months or years. Committees on both sides of the legislature are composed mostly of surveillance cheerleaders and flak catchers profoundly uninterested in performing actual oversight. Reform efforts tend to take place despite the intelligence committees, rather than because of them. Every so often, positive changes are made for purely partisan reasons.

Super-friendly "oversight" committees aren't helping hold our nation's multiple intelligence agencies accountable. But it goes deeper than lawmaking fanboys/girls holding prominent positions in intelligence committees. The desire to limit accountability traces back further than the front-mouths lobbing softballs to IC leaders at Congressional hearings. As Tim Johnson and Ben Wieder report for McClatchy News, the intelligence community has been stocking committees with home teamers for years.

Lawmakers assigned to oversee the sprawling U.S. intelligence apparatus rely strongly on a staff that in recent years has included scores of onetime spooks, analysts and lawyers who previously worked at the spy agencies under scrutiny.

According to a comprehensive analysis by McClatchy, at least one-third, and perhaps far more, of the professional staff members who carry out the work of the House and Senate intelligence committees are themselves veterans of the agencies that the two panels oversee.

Really not a problem, I suppose, if the other two-thirds are staunch civil rights defenders and privacy advocates. But of course they're not. They're just more government employees, many of whom find defending the status quo to be a more sensible career path, one that starts with idealism (sometimes) and ends with a pension, with very little forward momentum during the intervening years.

The "intelligence community" term attempts to humanize a hulking behemoth bristling with surveillance apparati, currently hoovering up $80 billion every year. And that estimate is likely on the low end, as these agencies have another, entirely-opaque budget to utilize on top of this.

The other low estimate at work here is McClatchy's guess at the number of former agency employees currently working for the intelligence oversight committees. It's not always easy to sniff out the origins of staffers, especially if they've possibly spent some time engaged in clandestine activities.

McClatchy’s analysis determined the staffers’ backgrounds based on searches of LinkedIn profiles, congressional records, executive profiles and in a handful of cases, press reports, obituaries or personal interviews in which the former or current committee staff members publicly acknowledged their own intelligence background.

In dozens of cases, McClatchy could not determine whether a given staff member had worked in intelligence. Some have left almost no trace on the internet, itself perhaps a telling sign of a sensitive prior professional life.

According to staffers who spoke to McClatchy, the one-third estimate is way, way off. One said "all but a couple" of staffers he worked with came from intelligence agencies. Others estimated IC oversight market saturation to be 50-75%.

Obviously, a dearth of intelligence experience would be less than useful for oversight committees. Experience is extremely useful but in cases where oversight is already severely lacking, stuffing the roster with IC picks is guaranteed to result in the sort of non-oversight we've become accustomed to. Not only are staffers likely to advise against additional accountability and lobby against reform efforts, they're also likely to know how to ensure any reform efforts are shot full of exploitable holes by the time they hit the president's desk.

And there's no good way of fixing this that won't leave other government committees tied up in policies that prevent them from hiring anyone with subject matter expertise. Pretty much the only thing that can be done is sitting back and marveling at the breadth of the intelligence community's regulatory capture.

Permalink | Comments | Email This Story
]]>circle-of-lifehttps://www.techdirt.com/comment_rss.php?sid=20170907/11175238166Wed, 28 Jun 2017 18:35:47 PDTNSA Appears To Be Seducing Sen. John Cornyn With Personal Tours And One-On-One MeetingsTim Cushinghttps://www.techdirt.com/articles/20170628/11534137690/nsa-appears-to-be-seducing-sen-john-cornyn-with-personal-tours-one-on-one-meetings.shtml
https://www.techdirt.com/articles/20170628/11534137690/nsa-appears-to-be-seducing-sen-john-cornyn-with-personal-tours-one-on-one-meetings.shtml
One of the surveillance state's biggest cheerleaders is seeing his years of support pay off.

Two congressional sources confirmed a May meeting, where Sen. John Cornyn, (R-Tex.), a vocal supporter of the intelligence community, got a private audience with the NSA Director Adm. Michael Rogers.

Cornyn also got a private tour of the signals intelligence facility at Fort Meade, Maryland at the same time as the May meeting.

Officials "familiar with the situation" (possibly read "jealous as hell") expressed concern about Cornyn's personal NSA tour. And for good reason. If Rogers and other NSA officials were feeding Cornyn information the rest of the NSA's Congressional oversight isn't privy to, that's a problem. It's more of a problem as the date for Section 702's reauthorization approaches. And it seems even more problematic that Cornyn was given a personal walk-and-talk while oversight members were failing to get substantive answers from the DNI during a Senate hearing.

There's a long history of the IC playing favorites with oversight members (and vice versa) and a long history of those favorites withholding information from other members of Congress. This visit/personal chat may have been innocuous but given its context -- the Section 702 renewal -- it looks shady as hell.

The additional context is the DNI's office believes all is forgiven -- or at least, no longer relevant. Reversing Clapper's promise to hand in something on incidentally-collected US persons' communications, the new Director is saying that's just not going to happen.

The Foreign Policy article notes that it's common for incoming reps and senators to be given a tour and that oversight members routinely visit the NSA as part of their oversight duties, but this Cornyn-only event definitely appears to be the agency making a play for unbridled support from a powerful Senator.

Permalink | Comments | Email This Story
]]>702-ways-to-leave-your-loverhttps://www.techdirt.com/comment_rss.php?sid=20170628/11534137690Wed, 7 Jun 2017 09:22:00 PDTSenator Tom Cotton Introduces Bill That Would Renew Section 702 Forever With Zero ChangesTim Cushinghttps://www.techdirt.com/articles/20170606/14312137533/senator-tom-cotton-introduces-bill-that-would-renew-section-702-forever-with-zero-changes.shtml
https://www.techdirt.com/articles/20170606/14312137533/senator-tom-cotton-introduces-bill-that-would-renew-section-702-forever-with-zero-changes.shtml
The debate over the renewal of Section 702 surveillance continues, but a group of legislators is looking to short-circuit the discussion. Senator Tom Cotton and a whole bunch of Republicans have introduced a bill that would ensure this discussion is never raised again. [h/t Julian Sanchez]

The attacks in London last weekend exposed in a matter of minutes just how vulnerable our free societies truly are. All it takes is a van or a knife and an unsuspecting bystander to turn a fun night out on the town into a horrific nightmare. Course, we shouldn't need any reminders, but let me give one yet again: We are at war with Islamic extremists. We have been for years, and, I'm sorry to say, there's no end in sight. It's easy to forget this as we go about our daily lives, but our enemies have not-and they will not. They've never taken their eyes off the ultimate target either: the United States.

Attacks in other countries are apparently just pre-game warmups for terrorists. The only way to prevent a domestic attack is to never ask questions about Section 702 again, apparently. If we don't trust our government to respect our privacy and civil liberties, it's not because the NSA constantly abused its Section 702 collection programs (and then hid these abuses from its oversight). No, the real villain here is the man who exposed this abuse to the general public.

Unfortunately, this and other programs were distorted in the public debate by a traitor, disgruntled ex-NSA contractor Edward Snowden, who now sits in the warm embrace of Russian intelligence services. And ever since his very damaging leak of classified material a few years back, many Americans have grown doubtful of these programs-and section 702 in particular.

I love it when someone describes the dumping of internal documents as "distorting." It underlines the speaker's desire to have the Great Unwashed remain in the dark while the government expands its collection capabilities and surveillance powers.

Cotton's Senate statement goes on to make it clear that nothing but a "forever" renewal will do, while handwaving away NSA abuses with meaningless phrases about privacy protections.

It's true that this program occasionally does collect information about American citizens-and that will be true of any attempt to stop any kind of homegrown terrorism. But if you're concerned about protecting Americans' privacy rights, then you should support extending this program. It puts in place a host of privacy protections to scrub raw intelligence of any unnecessary identifying information. To allow this program to expire on December 31 would hurt both our national security and our privacy rights.

That's why today I'm introducing a bill that would reauthorize section 702 permanently, as is, with no changes.

If nothing changes, then the "host of privacy protections" simply don't exist. The NSA itself made the biggest step towards fixing its routine, decade-long run of privacy violations by dropping the "about" program. A clean re-auth adds nothing to anyone's privacy. A forever re-auth would ensure this status quo in perpetuity.

As astounding as Cotton's contradictory assertions are, they're topped by Sen. Lindsey Graham. Earlier in the day, Graham was reported to have stated he would not support the reauthorization of this surveillance program because it could be "politically manipulated." And yet his name appears in the list of legislators pushing this bill.

So here we are, with the debate just officially beginning in the Senate and already surveillance proponents are making it clear they're not interested in discussing Section 702. Ever.

Permalink | Comments | Email This Story
]]>shut-up,-they-legislatedhttps://www.techdirt.com/comment_rss.php?sid=20170606/14312137533Wed, 26 Apr 2017 14:29:17 PDTFCC Boss Unveils Ingenious Plan To Replace Net Neutrality Rules With Fluff & NonsenseKarl Bodehttps://www.techdirt.com/articles/20170425/15255137239/fcc-boss-unveils-ingenious-plan-to-replace-net-neutrality-rules-with-fluff-nonsense.shtml
https://www.techdirt.com/articles/20170425/15255137239/fcc-boss-unveils-ingenious-plan-to-replace-net-neutrality-rules-with-fluff-nonsense.shtml
FCC boss Ajit Pai has made no secret of his disdain for net neutrality. Or, for that matter, his general disregard for the consumer-protection authority granted the agency he's supposed to be in charge of. Pai had already stated that his "solution" -- to his perceived injustice that is net neutrality -- is to replace the government's existing, hard net neutrality rules with "voluntary commitments" by the likes of AT&T, Comcast and Verizon. From there, he hopes to leave any remaining regulatory enforcement to the under-funded and over-extended FTC (we've explained why this is a notably bad idea here).

Pai clarified his plans a little during a speech today in Washington, DC at an event hosted by FreedomWorks (which, not coincidentally, takes funding from the giant ISPs Pai is clearly eager to help). According to Pai, the FCC will issue a Notice of Proposed Rule Making tomorrow to begin the process of rolling back Title II and killing net neutrality. The FCC will then vote on the proposal on May 18, according to the agency head. That means there will be a full public comment period (that's where you come in) ahead of a broader vote to kill the rules later this year.

Pai's full speech (pdf) was packed with conflations, half-truths, and statements that have been repeatedly, painstakingly debunked over the course of the last decade. Among them being the ongoing claim that net neutrality rules weren't necessary -- because incumbent ISPs had done nothing wrong:

"Nothing about the
Internet was broken in 2015. Nothing about the law had changed. And there wasn’t a rash of Internet service providers blocking customers from accessing the content, applications, or services of their choice.

Pai apparently "forgot" the time that AT&T intentionally blocked iPhone users from using FaceTime unless they signed up for significantly more expensive mobile data plans. Or that time MetroPCS blocked all access to video on its introductory plans to drive users to costlier plans if they wanted the "full internet experience." Or that time a small ISP named Madison River decided to block a competing VoIP provider. Or that time AT&T, Verizon, and T-Mobile blocked their users from using Google Wallet to help prop up their own mobile payment services. Or the longstanding allegations that Comcast, Verizon, AT&T and others intentionally let their peering points get congested to kill settlement-free peering and force content and transit providers to pay an additional toll.

The idea that net neutrality rules are arbitrary and unnecessary is a joke, and if you still don't believe consumers and startups need some kind of regulatory protection from giant (and ever-growing) broadband duopolists like Comcast, the joke's on you. And it's notably unfunny.

Pai, like most of the ISP allies in favor of gutting the rules, simply refuses to be proven wrong -- no matter what the actual data shows. For years now, Pai has cited broadband industry-funded studies that try to claim that net neutrality rules severely hampered broadband investment, despite zero objective evidence that's actually the case. But this being the post-truth era, Pai was quick to trot out the "Title II and neutrality killed investment" canard to the immense joy of the crowd of attending lobbyists, think tankers and other loyal ISP allies:

"So what happened after the Commission adopted Title II? Sure enough, infrastructure investment declined. Among our nation’s 12 largest Internet service providers, domestic broadband capital expenditures decreased by 5.6% percent, or $3.6 billion, between 2014 and 2016, the first two years of the
Title II era. This decline is extremely unusual. It is the first time that such investment has declined outside of a recession in the Internet era."

It never happened. What did happen: some telecom industry-funded think tanks cherry picked data to make it appear that investment had foundered, then repeated the fabrication they'd created, apparently believing that repetition forges truth. But if you spoke privately to most ISPs, they'd be telling you they saw no investment reduction under Title II. ISPs don't oppose net neutrality and Title II because it makes investing harder; they oppose Title II and net neutrality because it prevents them from abusing the uncompetitive shitshow that is the broadband last mile.

What's abundantly clear here is that net neutrality opponents have zero problem with lying to achieve one, singular goal: maximizing the income of large broadband providers to the detriment of consumers, competition, startups and the health of the internet. And Pai poured it on exceptionally thick during his speech at FreedomWorks, claiming that gutting oversight of some of the most anti-competitive and least liked companies in America will somehow magically improve broadband competition, create jobs, expand internet access, and more:

"Without the overhang of heavy-handed regulation, companies will spend more building next-generation networks. As those networks expand, many more Americans, especially low-income rural and urban Americans, will get high-speed Internet access for the first time. And more Americans generally will benefit from faster and
better broadband.

Second, it will create jobs. More Americans will go to work building these networks. These are
good-paying jobs, laying fiber, digging trenches, and connecting equipment to utility poles. And established businesses and startup entrepreneurs alike will take advantage of the networks that they build to create even more jobs.

Doesn't that sound lovely? Except it's not happening. If the claim that Title II and net neutrality stifled investment was bullshit, the narrative that removing these regulations magically creates jobs and competition is just as fantastical. If anything, turning a blind eye to duopolists like Comcast and Verizon as they abuse the lack of broadband competition to make life harder on streaming competitors (something they're already doing) will have the opposite impact on existing and emerging internet markets to come. And if protecting ISP revenues is the top priority (and let's not fool ourselves that it isn't), actually fixing the industry's competitive shortcomings will never be on Pai's radar.

The problem Pai faces now is two-fold. One, net neutrality has broad, incredible bi-partisan support, and those consumers are certain to give him an earful during the public comment period that will begin after the May 18 vote. If Pai isn't familiar with the concept of backlash and overreach, he may want to bone up on some history. Pai will also need to show to the courts that the market has changed dramatically enough since the FCC's June 2016 win over ISPs to justify a massive reversal of the rules. If he can't, his entire effort will be struck down.

As a lawyer Pai knows this, which is why I still think Pai's playing a game of good cop, bad cop. Under this plan, Pai saber rattles for a few months about his intent to kill net neutrality, at which point the GOP shows up with some "compromise" legislation (likely this summer) that claims to codify net neutrality into law, but is worded in such a way (by the ISP lawyers that will inevitably write it) so the loophole-riddled "solution" is worse than no rules at all. If I were to guess, the legislation will come from Senator John Thune, who attempted to derail the 2015 net neutrality rules using a similar strategy.

It seems likely that neutrality opponent hubris could easily backfire. After all, every time ISPs have tried to kill net neutrality, the end result has been more stringent protections (as we saw when Verizon sued to overturn the FCC's flimsy 2010 rules, only to get... tougher rules). That said, this fight still may be harder than previous battles. With Google and Netflix likely to be less active (they're large enough now that they apparently think they no longer need to worry), the onus is going to be on grassroots activists, debate-fatigued consumers and startups to carry the brunt of the load this time around.

Permalink | Comments | Email This Story
]]>throttled, blocked, hamstrung and hinderedhttps://www.techdirt.com/comment_rss.php?sid=20170425/15255137239Tue, 25 Apr 2017 13:22:31 PDTWhy Is Congress In Such A Rush To Strip The Library Of Congress Of Oversight Powers On The Copyright Office?Mike Masnickhttps://www.techdirt.com/articles/20170424/23470637227/why-is-congress-such-rush-to-strip-library-congress-oversight-powers-copyright-office.shtml
https://www.techdirt.com/articles/20170424/23470637227/why-is-congress-such-rush-to-strip-library-congress-oversight-powers-copyright-office.shtml
In the past few weeks, we've written a few times about this weird urgency among some in Congress to rush through a pretty major change to Copyright Office oversight. I wrote a deep dive piece over at The Verge discussing the issues at play, but Congress is pushing a bill to stop the new Librarian of Congress, Carla Hayden, from appointing a new head of the Copyright Office. Instead, the Congressional plan is to make the position a political appointee, nominated by the President, and approved by Congress. In that Verge piece, we explained why it was a major change, and scratched our heads at the fact that there appears to be no reason for pushing for this change other than (1) the legacy copyright industries know that their lobbying power will mean that the appointment will be to their liking and (2) they fear who Hayden might appoint. But, what's really odd is how quickly Congress is trying to push this through. As if the matter is incredibly urgent. There have been no hearings on the matter. There's been no public discussion on the pros and cons of such a move. Just a mad dash by a bunch of people in Congress to make this change official before Hayden can appoint someone.

Rep. Zoe Lofgren -- who appears to be one of the few people in Congress questioning why this is happening -- has put out a statement highlighting why this move is so problematic. A key point: if there is such a rush to make the change, how does it make sense to put this appointment power in the hands of a President who has left hundreds of federal jobs completely empty without any nominations at all?

... this legislation will harm and delay much-needed modernization efforts by making the Register a Presidentially appointed position. Currently, there is a backlog of 495 Appointee positions that have not even been nominated. This not only will delay effective administration of the Copyright Office, but also puts the efficiency gains made by the Library at risk. Under current modernization plans, the Library believes it can speed up the modernization plan by almost two years and save significant amounts of money. Those plans depend on an active Register of Copyright who is compliant and accountable to the Librarian. The long delay created by this bill in needing Senate confirmation of a Register will only harm these efforts.

In other words, the arguments for "urgency" because the Copyright Register position is currently vacant are undermining their own argument. Considering the nearly 500 federal government positions that have no nominees yet, who actually thinks that Trump will quickly get around to nominating a new Copyright Register, let alone having that person confirmed by the Senate? The current Librarian of Congress, Carla Hayden, on the other hand, has been reviewing candidates for months now and is likely close to having someone in place.

Similarly, as noted above, if (as is the typical line) this move is necessary to "modernize the Copyright Office," this plan does the exact opposite of that. Hayden has already put forth a plan to modernize the Copyright Office (and has experience modernizing a massive library system). But if the Copyright Office boss has to be nominated by a President who doesn't seem to feel like nominating anyone, and then approved by the Senate, the modernization plan will almost certainly be delayed. So why are supporters of this bill in such a rush if it's going to undermine and delay the key reason they give for supporting this bill: the modernization of the Copyright Office? It's almost as if that's not the real reason.

Separately, Lofgren points out that it's crazy to provide less oversight to the Copyright Office right after it's been revealed that one reason why Hayden likely fired the the previous Copyright Register was because of incredible mismanagement by the previous Register, that included a modernization program that was budgeted for less than $2 million, but ended up spending nearly $12 million before being dumped with nothing to show for it (as we first revealed here on Techdirt).

Removing Dr. Hayden’s ability to appoint the Register of Copyrights means she will be unable to hold employees accountable, and it creates uncertainty and ambiguity in the chain of command between the Librarian and Register of Copyrights.

The previous Register of Copyrights was removed after a Library of Congress Inspector General report found the Copyright Office not only wasted six years and nearly $12 million but hid this information from Congress, falsified information in reports to the Library, and submitted fake budget numbers for annual appropriations requests.

Dr. Hayden took appropriate steps to remove the Register responsible for this mismanagement. This bill would prevent Dr. Hayden from removing or ensuring accountability in any future Register by making the Register answerable only to the President -- a fundamental change in the relationship between Librarian and Register.

Finally, Lofgren notes that it certainly is at least notable and unfortunate that this move to rush through this change certainly appears to be an attempt by Congress to undermine the authority of the first female and first African American Librarian of Congress.

Finally, the bill is a clear affront to the first female Librarian of Congress. Dr. Carla Hayden is not only one of the most highly qualified Librarians ever to serve, but has also worked aggressively and in good faith to pull the Library and Copyright office into the 21st century. I find it deeply disturbing that for the first time in history, a female and a person of color is the Librarian of Congress, and for the first time in history, Congress would take away her power in order to give it to Donald Trump. While this does not point to motive, it is a distressing fact nevertheless.

This bill is a vote of ‘no confidence’ in a Librarian who is aggressively pulling the Library and Copyright Office into the 21st century and, by all evidence, justifiably reassigned an ineffective and negligent Register. It will only serve to delay Copyright Office modernization, harm the public, harm content creators, increase tension between the Library and Copyright Office, and harm Copyright Office employees.

Indeed. There are certainly arguments to be made for changing things up, but no one pushing for this bill seems to be able to answer why this needs to be changed so quickly, when such a change clearly undermines their own stated reasons for supporting the bill. From that, the most logical conclusion is that they are pushing for the change because they are worried about who Hayden is likely to appoint, rather than because of any principled argument.

Permalink | Comments | Email This Story
]]>what's-the-hurry?https://www.techdirt.com/comment_rss.php?sid=20170424/23470637227Tue, 14 Feb 2017 09:37:00 PSTUpset About Border Patrol Cruelty? It Didn't Start Under TrumpMike Masnickhttps://www.techdirt.com/articles/20170212/08235336691/upset-about-border-patrol-cruelty-it-didnt-start-under-trump.shtml
https://www.techdirt.com/articles/20170212/08235336691/upset-about-border-patrol-cruelty-it-didnt-start-under-trump.shtml
In the last few weeks, there's obviously been a lot of attention on the cruel actions of Customs and Border Patrol (CBP), a part of the Department of Homeland Security. Slate has an article detailing some of the awful stories coming out after the Trump executive order on immigration and travel (here are just a few):

At Dallas/Fort Worth International Airport, CBP officers reportedly detained an elderly Sudanese woman suffering from diabetes, high blood pressure, and severe kidney stones. They refused to provide her attorney or her family with any information on her health, status, or whereabouts. Her attorney later learned that CBP officers had demanded that his client withdraw her request for admission into the United States or be barred from entering the country for five years. She signed the document and was promptly deported. Her family never got to see her.

Also at DFW, CBP agents allegedly detained a lawful permanent resident along with her 11-month-old daughter, a U.S. citizen. They refused to let attorneys speak with the mother. When the child’s father came to the CBP office, agents refused to let him see his daughter.

CBP officers at Los Angeles International Airport allegedly deported an Iranian student 90 minutes after a federal judge explicitly barred the deportation of anyone targeted by Trump’s order. They ignored efforts by attorneys to halt the deportation.

CBP officers at San Francisco International Airport allegedly detained an elderly Iranian couple with valid visitor visas for 30 hours. Nineteen of those hours came after a federal judge halted deportations under Trump’s order. One officer informed the couple’s attorney that they might soon be deported. When the attorney explained that this action would violate a federal court order, the officer responded that he was “just following orders.”

An elderly Iranian couple—both of whom were lawful permanent residents—say they were detained for 10 hours at Chicago’s O’Hare International Airport after returning from their son’s wedding in Iran. The two were denied access to food for the length of their detention. Another elderly person being detained along with the couple was shaking from hunger and nearly passed out. CBP officers refused to inform the couple’s immediate family whether the couple had been allowed to take necessary medications.

But here's the thing: none of this is new, unfortunately. Yes, the specifics of the executive order are new, and the awful plan and rollout by the administration are new, but CBP being arbitrarily cruel to people is not at all new. We've reported on it many times in the past. Last week, On the Media put together a collection of stories that it had done in the past about egregious behavior by CBP at the border, almost all of which we covered in the past -- and all of which occurred under President Obama.

There was the horrific treatment of On The Media Producer Sarah Abdurrahman and her family (all US citizens) detained at the US border for hours and treated horribly when trying to return to the US from a wedding in Canada. There's also the insane story of Pascal Abador, a student studying Shiites in South Lebanon (he's an atheist himself), who was detained and had his laptop seized while on a train traveling from Canada to the US. CBP found photos on his laptop of Hamas and Hezbollah and then wouldn't give him back his computer. And then there's the truly sickening stories (plural) of CBP bringing people to doctors to be horrendously strip searched for drugs, often undergoing hours-long "inspections" by medical professionals despite never turning up any actual drugs. Here's one example we wrote about, which is similar to, but not the same one discussed in the OTM recording:

1. Eckert's abdominal area was x-rayed; no narcotics were found. 2. Doctors then performed an exam of Eckert's anus with their fingers; no narcotics were found. 3. Doctors performed a second exam of Eckert's anus with their fingers; no narcotics were found. 4. Doctors penetrated Eckert's anus to insert an enema. Eckert was forced to defecate in front of doctors and police officers. Eckert watched as doctors searched his stool. No narcotics were found. 5. Doctors penetrated Eckert's anus to insert an enema a second time. Eckert was forced to defecate in front of doctors and police officers. Eckert watched as doctors searched his stool. No narcotics were found. 6. Doctors penetrated Eckert's anus to insert an enema a third time. Eckert was forced to defecate in front of doctors and police officers. Eckert watched as doctors searched his stool. No narcotics were found. 7. Doctors then x-rayed Eckert again; no narcotics were found. 8. Doctors prepared Eckert for surgery, sedated him, and then performed a colonoscopy where a scope with a camera was inserted into Eckert's anus, rectum, colon, and large intestines. No narcotics were found.

None of this is to say that what Trump is doing is okay. What he's doing is expanding the CBP's power to continue to expand its often arbitrary and capricious activities without any fear of oversight or any sort of reprimand for egregious behavior. But if you're suddenly concerned with how CBP appears totally free to mistreat basically anyone at the border, at least recognize that it's been going on for quite some time and that plenty of people (including us) have been trying to call attention to it for years. And don't assume that just because you're suddenly hearing these stories in the news, that they're a new phenomenon. Unfortunately, they are not. Hopefully, greater attention on CBP cruelty will lead to fixing it, but this administration, unfortunately, seems to want to encourage and expand it.

Permalink | Comments | Email This Story
]]>speak-uphttps://www.techdirt.com/comment_rss.php?sid=20170212/08235336691Thu, 2 Feb 2017 07:38:00 PSTAT&T's Downright Giddy About Weaker FCC Oversight And The Looming Death Of Net NeutralityKarl Bodehttps://www.techdirt.com/articles/20170126/04470336569/ats-downright-giddy-about-weaker-fcc-oversight-looming-death-net-neutrality.shtml
https://www.techdirt.com/articles/20170126/04470336569/ats-downright-giddy-about-weaker-fcc-oversight-looming-death-net-neutrality.shtml
AT&T is pretty damn excited about former Verizon lawyer Ajit Pai, Trump's new industry-cozy pick to head the FCC. That's in large part because Pai has made it clear his goal isn't just to gut net neutrality, new broadband privacy rules and most of the other consumer protections pushed by former FCC boss and and former dingo Tom Wheeler -- but to help dismantle the agency's role as consumer watchdog entirely. Of course, AT&T put things a little differently in a blog post applauding the selection:

"Today, on his first official day in office, President Trump designated Ajit Pai as the new FCC Chairman. No one is more prepared to reframe the agency to address the needs of this rapidly changing marketplace. Chairman Pai will work with his fellow Commissioners to quickly and decisively put back in place the commonsense regulatory framework necessary to support the President’s agenda for job creation, innovation and investment."

Anybody who actually believes this has simply not been paying attention to Pai's tenure at the agency, during which he consistently refused to stand up to large ISPs in absolutely any capacity. That includes downvotes on numerous attempts to hold AT&T accountable for outright fraud, whether it was the time AT&T was caught actively making its bills more confusing to help make it easier for crammers and scammers, the time AT&T was caught ripping off a program designed to help low income families, or that time AT&T was busted for turning a blind eye to drug dealers running directory assistance scams on AT&T customers.

So sure. AT&T's pretty excited about the fact it's potentially facing little to no accountability for what's a well-documented history of anti-competitive behavior and fraudulent activity. But it's also just thrilled by the idea that net neutrality rules could soon be sent to the digital dustbin of history, allowing AT&T to, in its own words, "go hard" on this whole zero rating thing:

"With a new operator-friendly FCC chairman in place, AT&T CEO Randall Stephenson said to expect the operator to “go hard” with its controversial “zero rating” strategy for its virtual MVPD service, DirecTV Now.

“Our customers are loving this value proposition,” Stephenson said during AT&T’s fourth quarter earnings call Wednesday. “We have more than 200,000 DirecTV Now customers on it, the service is not counting against their data cap, and that’s a big deal."

Except the "value proposition" AT&T's presenting isn't much of a value at all. Sure, some consumers labor under the illusion they're getting "free stuff" because AT&T's graciously letting them stream AT&T's content without running afoul of its arbitrary usage caps. But in reality, AT&T's preferential treatment of its own content simply repositions the cost burden to competing services while distorting the overall competitive market. You know, like the outgoing FCC told AT&T when it sheepishly and belatedly told the company it was violating net neutrality and acting anticompetitively just a few weeks and a universe ago.

Moving forward, the name of the game for AT&T will be to play kissy face with the new administration in the hopes of blind, blanket deregulation, some lovely tax cuts, additional unaccountable subsidies (these telcos have received billions over the years for networks either barely or half-deployed), and approval for the company's $100 billion acquisition of Time Warner:

"I got to tell you, I was impressed,” Stephenson said (after meeting Donald Trump). “It was obvious I was meeting with a CEO. He has a very clear agenda—tax reform and regulatory reform. I can tell you that he’s focused on these things. And I left with a degree of optimism that this could be pulled off this year."

Describing himself as a “supply-side guy,” Stephenson added that “If you saw tax rates move to 20-25%, we know what we would do. We would step up our investment rate."

In regards to deregulation, he added, “Nobody thinks that regulations should go away. We all believe the customer needs protection. But the problem is that we’ve had regulation that’s unpredictable, and it’s interfering with how we’re designing products, how we enter markets."

So despite Trump's campaign-trail promise to block AT&T's latest megamerger (largely believed to be little more than pouting over negative CNN coverage), there's an incredible opportunity here to field a merger sales pitch bullshit supernova -- the scope and scale of which we've never seen before.

Permalink | Comments | Email This Story
]]>who-doesn't-like-zero-accountability?https://www.techdirt.com/comment_rss.php?sid=20170126/04470336569Wed, 18 Jan 2017 22:53:46 PSTPhilly PD Bows To Union Pressure, Guts Independent Officer-Involved-Shooting Board Ordered By The DOJTim Cushinghttps://www.techdirt.com/articles/20170117/08234736501/philly-pd-bows-to-union-pressure-guts-independent-officer-involved-shooting-board-ordered-doj.shtml
https://www.techdirt.com/articles/20170117/08234736501/philly-pd-bows-to-union-pressure-guts-independent-officer-involved-shooting-board-ordered-doj.shtml
The Philadelphia Police Department is one of many to be on the receiving end of a consent decree with the DOJ. Most PDs finding themselves in this position earn it through years of abusive policing and a consistent disregard for constitutional rights and civil liberties. The Philly PD is no exception.

An Officer-Involved Shooting Investigation Unit was established within the Philadelphia Police Department Jan. 1, Commissioner Richard Ross announced Friday.

The creation of the unit was a result of a Department of Justice study that recommended departmental reforms focused on the use of deadly force by police officers.

[...]

"The Philadelphia Police Department will now be a model for departments across the country," said COPS director Ronald Davis.

Hold your applause…

However, one of the study's major recommendations - that an outside agency should investigate officer-involved shootings - could not be fulfilled, Davis said.

"Philadelphia tried many alternatives but it could not work," Davis said.

The COPS (Community Oriented Policing Services) has an interesting definition of "could not." It could have worked, but the commissioner was unwilling to go up against the force behind the city's police force to do it. The federal government proclaims something must happen. The commissioner runs up against some resistance and decides it's impossible. Now, the city's residents can look forward to shootings by officers being handled completely internally, which will do little to deter the sort of activity that led to the DOJ's intercession in the first place.

The commissioner did at least obliquely address the obstacle he's unwilling to remove to better implement the DOJ's recommendation.

Finally, Ross said the "elephant in the room" was that the department faced opposition on the proposal from its union, Fraternal Order of Police Lodge 5.

This is why we can't have nice accountable things. The FOP managed to defang the OIS Board, turning it into an internal, opaque process where officers have a 72-hour "cooling off" period before having to face a series of lobbed softballs by the PD's internal review board.

As an alternative to an outside agency conducting investigations, Ross established the Officer-Involved Shooting Investigation Unit so the process is now bifurcated - the criminal aspect will be handled by the new unit, and the administrative aspect will continue to be handled by the department's Internal Affairs Unit.

And yet, it's being hailed by a federal COPS official as a "model" for the nation's police departments. Yeah, this is a model, alright -- a model for every police union faced with a DOJ consent decree. Flex enough muscle and police officials will blow off federal recommendations to ensure future cooperation in policymaking and labor negotiations.

Permalink | Comments | Email This Story
]]>model-of-servitudehttps://www.techdirt.com/comment_rss.php?sid=20170117/08234736501Tue, 3 Jan 2017 09:37:08 PSTCongressman Goodlatte Decides To Refill The Swamp By Gutting Congressional Ethics Office... But Drops It After Bad PublicityMike Masnickhttps://www.techdirt.com/articles/20170103/00054336387/congressman-goodlatte-decides-to-refill-swamp-gutting-congressional-ethics-office-drops-it-after-bad-publicity.shtml
https://www.techdirt.com/articles/20170103/00054336387/congressman-goodlatte-decides-to-refill-swamp-gutting-congressional-ethics-office-drops-it-after-bad-publicity.shtmlUpdate: So... literally a minute before this post was about to go live came the news that House Republicans have magically dropped this plan, after it received a ton of negative press overnight, and had tons of inbound phone calls and, yes, even our President Elect sort of (but not really) came out against the plan. While the Bloomberg article above credits Trump for this, if you read what he actually said, he does call the Office of Congressional Ethics "unfair," he just says this isn't a priority now (perhaps meaning the following plan will come back in the future). Since this is still a possibility, here's the original post.

The OCE was created in 2008 in response to the Jack Abramoff scandal, and some other Congressional corruption scandals, that resulted in three members of Congress going to jail. The OCE was an independent office that was set up to investigate Congressional ethics and corruption violations. Not surprisingly, not everyone in Congress was thrilled about having an independent office investigating them, so Goodlatte seems to have made sure that won't be a problem -- and he did so without any warning, without any debate and even against the wishes of the leadership of his own party:

The move to effectively kill the Office of Congressional Ethics was not made public until late Monday, when Representative Robert W. Goodlatte, Republican of Virginia and chairman of the House Judiciary Committee, announced that the House Republican Conference had approved the change. There was no advance notice or debate on the measure.

The surprising vote came on the eve of the start of a new session of Congress, where emboldened Republicans are ready to push an ambitious agenda on everything from health care to infrastructure, issues that will be the subject of intense lobbying from corporate interests. The House Republicans’ move would take away both power and independence from an investigative body, and give lawmakers more control over internal inquiries.

It also came on the eve of a historic shift in power in Washington, where Republicans control both houses of Congress and where a wealthy businessman with myriad potential conflicts of interest is preparing to move into the White House.
Continue reading the main story

Speaker Paul D. Ryan and Representative Kevin McCarthy of California, the majority leader, spoke out during the meeting to oppose the measure, aides said on Monday night.

Goodlatte, has put out a somewhat ridiculous statement defending the move, claiming (incorrectly) that this strengthens OCE's mission. Of course, then he also notes that it "improves upon the due process rights" of members of Congress. But experts note that all it's really doing is letting Congress take control over the previously independent organization, and giving Congress the power to kill investigations. I guess that's one way to "improve due process rights." But, really, was there really a problem with the "due process rights" of members of Congress being investigated for corruption and ethics violations?

In fact, Buzzfeed does a nice job showing all of the ways in which this does the exact opposite of what Goodlatte claims concerning "strengthening" OCE's mission:

The OCE should no longer be independent. Insteads, it will be under the House's Committee on Ethics, which is run by members of Congress.

The office will no longer be able to accept anonymous tips from whistleblowers.

The ethics office must stop any investigation if the House ethics committee tells them to.

The ethics office cannot investigate any tips of misconduct that took place before Jan. 3, 2011

The office can no longer talk about its findings -- even hire a spokesperson.

OCE cannot investigate any criminal cases or turn allegations of corruption over to law enforcement.

That, uh, does not sound at all like "strengthening" OCE's mission. It sounds like the exact opposite. In other news, Rep. Goodlatte's statement over this is a blatant lie.

Politico has some details of how some members who had been investigated by the OCE supported gutting it, claiming that they felt unfairly targeted -- even though all of the examples given resulted in OCE deciding there were no ethics violations. It's entirely possible that OCE may have been annoying for Congress to deal with, but no one seems to have presented any evidence that it ever came to conclusions that were incorrect or unfair -- just that their investigations were annoying. And... so what? Congress should be under a microscope when it comes to ethics and corruption. The whole idea that Congress itself can just unilaterally undermine its own oversight is pretty ridiculous -- especially at a time when so few trust Congress, and so many believe it to be so corrupt.

Permalink | Comments | Email This Story
]]>no lobbyists left behindhttps://www.techdirt.com/comment_rss.php?sid=20170103/00054336387Thu, 29 Dec 2016 15:06:20 PSTOversight Board Spares NYPD's Feelings By Softening Language In Taser Complaint ReportTim Cushinghttps://www.techdirt.com/articles/20161228/17455336361/oversight-board-spares-nypds-feelings-softening-language-taser-complaint-report.shtml
https://www.techdirt.com/articles/20161228/17455336361/oversight-board-spares-nypds-feelings-softening-language-taser-complaint-report.shtml
The NYPD's estranged relationship with its oversight continues. The Civilian Complaint Review Board -- put into place after it became apparent the NYPD wasn't interested in policing itself -- has noticed the department is vocally supportive of better policing, but has no interest in actually making any changes to the way it disciplines its officers.

The NYPD has yet to see a civilian complaint it can't make disappear and has almost always recommended a lesser punishment for misconduct than the Board has recommended. In controversial "chokehold" cases, the Board found the NYPD was completely uninterested in doing anything about officers' use of a tactic it has outlawed.

In those cases where CCRB substantiated chokeholds, recommended Administrative Charges, and DAO became involved, none of the substantiated cases ever went to trial before a NYPD Trial Commissioner. Instead, DAO departed from CCRB’s recommendation every time. Rather than pursue the more serious Administrative Charges, DAO recommended lesser penalties or no discipline whatsoever.

Despite being shown no respect by the NYPD, the CCRB has decided to protect the badged-and-armed delicate flower of the department by softening the language in its Taser use report before publication.

In the spring, an oversight agency for the New York Police Department circulated a draft report on the use of Taser stun guns. The report highlighted “troubling” findings and issued stern recommendations: The police should create an annual report on the use of Tasers and prohibit their use on handcuffed suspects.

But the latter recommendation was removed from the final version of the report, quietly released in October by the agency, the Civilian Complaint Review Board, with no formal announcement. The other was removed from the executive summary and relegated to the report’s final page.

The agency also removed language highlighting what police reform advocates and civil liberties groups later said was the board’s central finding: In most Taser encounters reviewed, officers used the stun guns on people who were unarmed.

What the CCRB found wasn't encouraging. The NYPD already has a troubled history of Taser misuse. Not much is made of it because Taser deployment in the force is severely limited. But the NYPD's ability to make even a small number of civilian complaints vanish into the ether remains unchanged. The New York Times highlights the report's findings, which are disturbing and have remained unaltered.

Over the period studied in the report, from 2014 through 2015, the board’s investigators conducted full investigations of 51 of the 153 complaints filed and substantiated only three of them.

The other 102 fell by the wayside because the complainants failed to cooperate with the investigation. Perhaps some of them felt the outcome would be no different than the 94% that did make it all the way through the process. Perhaps some had outstanding warrants, unpaid tickets, a general disinterest in interacting with law enforcement, or whatever. But with only six percent of complaints being substantiated, the outcome of the NYPD's internal efforts are par for the course: lots of complaints, almost zero repercussions.

But just as disheartening is the fact that the CCRB edited its report to ensure the NYPD wouldn't even feel the weight of PRINTED WORDS.

The alterations to the report run throughout and appear to play down the findings — which remain unchanged — and remove language that could be considered charged or critical of the Police Department.

This is an organization with an inordinate amount of power -- both over the people it serves as well as the politicians that ostensibly control its budget and activities. Specific edits were made to turn the report into something as proactively exonerative as statements made by the NYPD itself in the wake of excessive force allegations. Police brass say things like "the officer's gun discharged." The CCRB -- post-editing -- says things like this:

[T]he draft report found that “there is also evidence” that Tasers were being used in response to unruly or obstinate behavior by suspects. That phrase was changed in the final version to say that “there is concern.”

Also excised was the Board's "troubling" finding that Taser deployment often occurred when suspects were already in custody. The stat -- 30% of the time -- remains. The word "troubling" is nowhere to be found. Another sentence was removed completely, apparently out of concern the NYPD might react badly to it.

"[A] review of several of the police custody complaints supports the perception that the Tasing may have occurred unnecessarily."

The NYPD needs to be subjected to strong language that draws attention unavoidably to its use of excessive force. This is the sort of thing the NYPD finds to be "appropriate" Taser use.

Mr. Sells said in an interview that during the discovery phase of the lawsuit, he learned that two separate officers used Tasers on Mr. Paul, striking him a total of 13 times — six by one officer; seven by the other — over the course of 41 seconds.

Anthony Paul is dead. He was 29 years old when he died in NYPD custody. The NYPD brushed off accusations of excessive force with the above "appropriate" statement, as well as the excuse that the Tasers failed to deliver even more electricity to the eventual corpse of Mr. Paul.

A government entity that has the power to kill civilians who do not immediately subject themselves to an arrest is apparently too weak to handle direct criticism of its actions. The Board has wiped any implications from its findings, leaving the stats to speak for themselves. The facts aren't pretty, but the NYPD has no problem ignoring hard numbers and incontrovertible facts. But it must be protected from any insinuations that its use of force is sometimes too much… or occasionally unjustifiable.

Permalink | Comments | Email This Story
]]>say-a-prayer-for-the-people-in-powerhttps://www.techdirt.com/comment_rss.php?sid=20161228/17455336361Fri, 23 Dec 2016 12:16:01 PSTThe Surveillance Oversight Board Is Dead And It's Unlikely President Trump Will Revive ItTim Cushinghttps://www.techdirt.com/articles/20161223/09302636332/surveillance-oversight-board-is-dead-unlikely-president-trump-will-revive-it.shtml
https://www.techdirt.com/articles/20161223/09302636332/surveillance-oversight-board-is-dead-unlikely-president-trump-will-revive-it.shtml
The Privacy and Civil Liberties Oversight Board (PCLOB) -- at least partially responsible for recent surveillance reforms -- is dead. The first hints of its demise were tucked away in the annual intelligence budget, which gave Congress direct control of the PCLOB's investigative activities.

The last vestiges of the board's independence have been stripped away and it seems unlikely the incoming president is going to have much interest in restoring this essential part of intelligence oversight. Congress now has the power to steer the PCLOB's investigations. A new stipulation requiring the PCLOB to report directly to legislators means intelligence officials will be less forthcoming when discussing surveillance efforts with board members.

At best, the PCLOB would have limped on -- understaffed and neutered. That was back when the news was still good (but only in comparison). The Associate Press reports that Donald Trump is being handed the keys to a well-oiled surveillance machine, but with hardly any of the pesky oversight that ruins the fun.

The five-member Privacy and Civil Liberties Oversight Board will have only two remaining members as of Jan. 7 — and zero Democrats even though it is required to operate as an independent, bipartisan agency. The vacancies mean it will lack the minimum three members required to conduct business and can work only on ongoing projects.

This could be fixed quickly, but it would require Trump nominating members and having the Senate approve them. It took well over a half-decade for President Obama to do this, so it wasn't even a priority for a president who promised to helm the "most transparent administration." These vacancies will probably be left open by an incoming president who seems largely uninterested in safeguarding civil liberties.

The PCLOB's report was instrumental in the challenged renewal of the Section 215 bulk collection program. The board might have played a similar role in the Section 702 renewal discussion in 2017, but with it out of the way, there's a good chance it won't receive as much of a challenge as the NSA's phone metadata program. (Then again, the PCLOB wasn't very critical of this internet backbone-tapping collection program, despite it harvesting far more than "just metadata.")

More critically, it left some work unfinished -- its investigation into the executive order underpinning the government's many intelligence programs.

Already in limbo is a public oversight report on the use of a Reagan-era executive order that since 1981 has authorized sweeping powers by intelligence agencies like the NSA to spy even on innocent Americans abroad and never has been subject to meaningful oversight from Congress or courts...

The privacy panel's report on the order is stalled and there's no work being done on it, according to the individual, who has knowledge about the project's status. Some individual agency reports related to the order were expected to be completed before the board loses its quorum, the person said.

The PCLOB is dead, for all intents and purposes. It survives in name only, awaiting presidential attention it's unlikely to receive. The last 15 years have shown what a lack of oversight can result in. The past couple of years have seen some encouraging movements towards accountability and transparency, but without the PCLOB's ability to perform its own investigations and, more importantly, deliver its findings to the public, further reform efforts are likely to be snuffed out.

Permalink | Comments | Email This Story
]]>probably-writing-up-a-DNR-as-we-speakhttps://www.techdirt.com/comment_rss.php?sid=20161223/09302636332Wed, 30 Nov 2016 08:27:38 PSTKey Congressional Staffers Who Helped Rein In Surveillance Overreach In The 1970s Ask Obama To Pardon SnowdenMike Masnickhttps://www.techdirt.com/articles/20161129/17411236152/key-congressional-staffers-who-helped-rein-surveillance-overreach-1970s-ask-obama-to-pardon-snowden.shtml
https://www.techdirt.com/articles/20161129/17411236152/key-congressional-staffers-who-helped-rein-surveillance-overreach-1970s-ask-obama-to-pardon-snowden.shtmlno interest in issuing a pardon for Ed Snowden -- despite the well-organized campaign in support of such a pardon -- more and more people are stepping up to argue why Obama should change his mind on this. The latest is a big one: fifteen members of the Church Committee have sent President Obama and Attorney General Loretta Lynch a memo outlining the reasons why Snowden deserves a pardon.

The Church Committee, of course, was the Senate Committee that investigated excessive surveillance efforts by the CIA, NSA and FBI in the 1970s, and eventually led to a series of sweeping reforms that helped to rein in many of the worst abuses. Of course, after 2001, many of the restrictions were watered down, which gets us to where we are today. It's also notable, of course, that the Church Committee eventually morphed into the Senate Select Committee on Intelligence, better known today as the Senate Intelligence Committee. Yes, if you're a bit confused, the committee that was created to stop intelligence community surveillance abuses changed over the years into becoming the intelligence community's biggest defenders, rather than overseers. Today's Intelligence Committee (minus a few members) seems 100% focused on whining about Snowden. So it's fairly telling that the members who made up some of the key staff positions on the original committee are now speaking out.

The letter was put together by Frederick Schwartz, who was the Chief Counsel of the Church Committee and William Miller, who was its Staff Director (i.e., these weren't lowly staffers -- these were the guys who ran the show). And they're pretty damn concerned. The full letter is worth reading, but here's just a small excerpt:

Without Snowden, it would have been decades, if ever, until Americans
learned what intelligence agencies acting in our name had been up to. We know first
hand that lack of disclosure can cause just as many, if not more, harms to the nation than
disclosure. When intelligence agencies operate in the dark, they often have gone too far
in trampling on the legitimate rights of law-abiding Americans and damaging our
reputation internationally. We saw this repeated time and time again when serving as
staff members for the U.S. Senate Select Committee, known as the Church Committee,
that in 1975-76 conducted the most extensive bipartisan investigation of a government’s
secret activities ever, in this country or elsewhere.

They also point out the hypocrisy of Obama and his administration ignoring or granting leniency towards others who abused positions of power in the surveillance state, and who did so not to benefit the public, as Snowden did:

Some oppose leniency for Snowden because he violated the law. But
many in the national security establishment who committed serious crimes have received
little or no punishment. President Obama’s decision to “look forward, not backward”
absolved from liability the officials who designed and implemented the torture and
extraordinary rendition programs at the CIA and Defense Department during the George
W. Bush Administration. It also meant that those who destroyed evidence of these
crimes and misled Congress about illegal torture and surveillance would never face
charges.

In addition, the government has also been lenient to high-level officials
who made illegal disclosures or destroyed classified information. Examples are cases
involving National Security Advisor Sandy Berger and CIA Directors David Petraeus and
John Deutch.

CIA Director David Petraeus, who also had been a top general, violated
the law and his obligation to protect national security information when he provided his
biographer, who was also his close friend, with voluminous notebooks documenting Top
Secret military and intelligence operations, as well as sharing classified information with
reporters. He also made false statements to the FBI to avoid accountability for his
actions. Yet he was allowed to plead guilty to just one misdemeanor for which he
received no jail time. Former National Security Advisor Sandy Berger broke the law
when he removed several highly classified documents sought by the 9/11 Commission
from the National Archives and then destroyed them. He too was allowed to plead guilty
to a misdemeanor and received a fine and probation. President Bill Clinton pardoned
former CIA Director John Deutch before the Justice Department filed a misdemeanor
charge against him for improperly taking hundreds of files containing highly classified
information and storing them on an unprotected home computer. In all these cases,
recognition of the public service the individuals had provided weighed against strict
enforcement of the law, to come to a fair and just result.

There are, of course, differences between these cases and Snowden’s. But
the crucial point is that only in Snowden’s case was the motivation behind his illegal
activity to benefit America. The three others involved efforts to gain glory or avoid
criticism, or simple convenience and simple disregard for the law that put our security at
risk. Yet the perpetrators were treated leniently.

The memo goes on to explain why people claiming Snowden should have gone through "the proper channels" don't know what they're talking about, by pointing to the examples of those who did follow those channels, only to have their lives ruined with bogus Espionage Act cases. Of course, I'm not sure how that will appeal to Obama, since he supported those cases.

Still, it's good to see these individuals, who know perhaps better than anyone what happens when you have a surveillance state run amok, explaining to the President why what Snowden did was so important, and why he deserves a pardon.

Permalink | Comments | Email This Story
]]>make-it-sohttps://www.techdirt.com/comment_rss.php?sid=20161129/17411236152Mon, 31 Oct 2016 14:50:32 PDTLegislators Demand Answers From DOJ On Expanded Hacking Powers It's SeekingTim Cushinghttps://www.techdirt.com/articles/20161029/10335435909/legislators-demand-answers-doj-expanded-hacking-powers-seeking.shtml
https://www.techdirt.com/articles/20161029/10335435909/legislators-demand-answers-doj-expanded-hacking-powers-seeking.shtml
There's only a couple of months left until the DOJ's proposed Rule 41 changes become law. All Congress has to do is nothing. This is a level of effort Congress is mostly amenable to. If this becomes law, worldwide deployments of malware/spyware during investigations will be unable to be challenged in court. In addition, the DOJ wants to be part of the cyberwar. It's seeking permission to remotely access zombie computers/devices used in cyberattacks to "clean" them.

Opponents of the pending change to Rule 41 say that it unlawfully confers a new authority that changes substantive rights. First off, they contend that it adds a criminal taint to a perfectly legal practice: using location to cloak your location.

“There are countless reasons people may want to use technology to shield their privacy,” wrote the Electronic Frontier Foundation earlier this year. “From journalists communicating with sources to victims of domestic violence seeking information on legal services, people worldwide depend on privacy tools for both safety and security.”

The DOJ has argued that these Rule 41 amendments are just "clarifications" of existing law:

“The amendment would not authorize the government to undertake any search or seizure or use any remote search technique not already permitted under current law,” the DOJ told Consumerist in May, noting that law enforcement would still need to demonstrate probable cause.

This statement obviously isn't true considering how many federal judges have agreed the warrant it used in the Playpen investigation exceeded existing jurisdictional limits.

Fortunately, there are legislators pushing back against the DOJ's proposed changes. Ron Wyden has sent a letter [PDF] to the DOJ -- co-signed by 22 other legislators -- asking for clarification on the DOJ's interpretation of the changes it's seeking.

One of the questions the group has is how the DOJ can produce probable cause to search thousands of devices.

Please describe any differences in legal requirements between obtaining a warrant for a physical search versus obtaining a warrant for a remote electronic search. In particular, and if applicable, please describe how the principle of probable cause may be used to justify the remote search of tens of thousands of devices. Is it sufficient probable cause for a search that a device merely be "damaged" and connected to a crime?

The letter also raises the issue of forum shopping. With jurisdictional limits removed, federal law enforcement officers are free to find judges more willing to sign off on their warrant requests, rather than being forced to work with those in the locality the alleged criminal activity took place.

The DOJ's proposed botnet cleaning efforts raise a whole set of new troubling questions, ones that Wyden and co. would like to see answered before allowing the rule changes to slide by unopposed. First, there's the question of unforeseen collateral damage -- efforts that hurt more than help.

We are concerned that the deployment of software to search for and possibly disable a botnet may have unintended consequences on internet-connected devices, from smartphones to medical devices. Please describe the testing that is conducted on the viability of "network investigative techniques" to safely search devices such as phones, tablets, hospital information systems, and internet-connected video monitoring systems.

Then there's the question about the proposed "cleaning" efforts. Under what authority will law enforcement break into Americans' computers and screw around with their software and hardware?

Will law enforcement use authority under the proposed amendments to disable or otherwise render inoperable software that is damaging or has damaged a protected device? In other words, will network investigative techniques be used to "clean" infected devices, including devices that belong to innocent Americans? Has the Department ever attempted to "clean" infected computers in the past? If so, under what legal authority?

Good questions. Hopefully, we'll see the answers sometime before December 31st.

Permalink | Comments | Email This Story
]]>the-first-rule-of-the-new-Rule-41:-there-are-no-ruleshttps://www.techdirt.com/comment_rss.php?sid=20161029/10335435909Fri, 21 Oct 2016 06:28:57 PDTFTC Warns AT&T Court Victory On Throttling Could Screw Consumers For DecadesKarl Bodehttps://www.techdirt.com/articles/20161018/14062235832/ftc-warns-att-court-victory-throttling-could-screw-consumers-decades.shtml
https://www.techdirt.com/articles/20161018/14062235832/ftc-warns-att-court-victory-throttling-could-screw-consumers-decades.shtmlblocking them from using Facetime unless they subscribed to metered plans, to throttling these "unlimited" users after only consuming a few gigabytes of data. Ultimately AT&T faced a $100 million fine by the FCC (currently being contested by AT&T), and a 2014 lawsuit by the FTC for misleading consumers and dramatically changing the terms of service while users were under contract.

But AT&T being AT&T, its lawyers got right to work contesting the FTC lawsuit, arguing that the very Title II common carrier FCC classification it had been fighting tooth and nail against exempted it from the FTC's jurisdiction. As it turned out, AT&T didn't need to engage in this Schrodinger-esque legal tap dance at all, with a court ruling back in August that the FTC never truly had authority over AT&T in the first place:

"The common carrier exemption in section 5 of the FTC Act carves out a group of entities based on their status as common carriers. Those entities are not covered by section 5 even as to non-common carrier activities. Because AT&T was a common carrier, it cannot be liable for the violations alleged by the FTC. The district court’s denial of AT&T’s motion to dismiss is reversed, and the case is remanded for entry of an order of dismissal."

The FTC isn't particularly pleased with this ruling, and this week it filed a petition for a rehearing in which it stated that the ruling could potentially let any company dodge FTC authority -- just as long as some component of its business has common carrier status. This could, the FTC warns, result in companies buying select companies they may not even want just to avoid regulatory scrutiny:

"The panel’s ruling creates an enforcement gap that would leave no federal agency able to protect millions of consumers across the country from unfair or deceptive practices or obtain redress on their behalf. Many companies provide both common-carrier and non-common-carrier services—not just telephone companies like AT&T, but also cable companies like Comcast, technology companies like Google, and energy companies like ExxonMobil (which operate common carrier oil pipelines). Companies that are not common carriers today may gain that status by offering new services or through corporate acquisitions. For example, AOL and Yahoo, which are not common carriers, are (or soon will be) owned by Verizon. The panel’s ruling calls into question the FTC’s ability to protect consumers from unlawful practices by such companies in any of their lines of business."

And again, while light touch regulation may work in healthy markets, that's simply not the case in telecom, where AT&T all but owns state legislatures and the lion's share of Congress, and the lack of last-mile competition leaves regulators as the last defense for frustrated consumers stuck in monopoly or duopoly markets. The FTC continues to warn that this new enforcement gap, if allowed to become precedent, could have a notable impact on user privacy:

"The FTC is the nation’s primary protector of consumer data privacy, but under the panel’s ruling it could be powerless against any company that provides a common-carrier service. Consumers would have no protection from breach or misuse of their personal information or practices like false advertising or improper billing."

And that's kind of a big deal for an industry in which misleading billing and sneaky fees are already a huge problem. And while the FCC is considering some basic new privacy rules for broadband subscribers, the collective lobbying power of the telecom, advertising, and content industries (Google is also quitely opposing the FCC's new rules), there's not a great chance that they ever see the light of day while retaining any teeth. No regulatory oversight is a problem in a sector where ISPs are flirting with charging users more just to protect their own privacy.

The FTC argues that the appeals court panel ruling conflicts with prior decisions of the 9th Circuit and other appeal courts. But should these efforts fail, one of the least ethical companies in telecom in one of the least naturally competitive industries in America could suddenly face less regulatory oversight than ever before. And while those that falsely believe telecom is a free market and all regulation is inherently bad may applaud that outcome, the resulting regulatory capture AT&T would enjoy would be almost total, resulting in higher prices, worse service, and potentially more anti-consumer behavior than ever before.

The Intelligence Community Inspector General (IC IG) Investigations Division (INV) identified [redacted] is an employee of CENTRA* Technology, working on ODNI contract [redacted] The data analysis indicated that [redacted] was not likely present at her assigned worksite for the full period in which she billed the contract. [redacted] 1 June 2012 to 29 July [redacted] billed the government for 630 hours for which she was not present at her worksite.

*Jason Leopold points out CENTRA was contracted to review CIA torture documents. Or NOT review them, as appears to be the case here.

Total cost to taxpayers for [redacted] not being at work? Almost $30,000.

Finding: [redacted] falsely charged approximately 306 hours from 1 June 12 to 29 July 2013. She had a billing rate of $89.14 per hour during this time frame. The total amount of mischarging is approximately $27,301.

"Haystacks [of Single Women]"

In the administrative hearing held on 30 March 2012, [redacted] admitted that while at work he used his AIN connection to purchase non-official plane tickets, send instant messages to friends, and check online dating services. According to [redacted] he accessed these online dating and social accounts to view images of scantily clad or naked women. [Redacted] noted that while on the AlN he used MySpace and Meebo as his means of e-mailing and instant messaging his friends and acknowledged that some of these conversations lasted all day. [Redacted] also explained that 95% of his time spent on the internet was for personal use.

Total tab run up by Lazyass P. Horndog* - $974,000 over six years, with an admitted 95% of that being tax dollars down the drain.

"Incidental Collection [of Money in Exchange for not Doing a Damn Thing]"

Finding: [Redacted] submitted false time cards for approximately 220 hours which he did not work, from 15 FEB 12 until 31 JUL 12. [Redacted's] hourly rate charged to the government was approximately $125 per hour; the total loss to the government for this time frame is approximately $27,500. During the IC IG interview with on 18 October 2012, he admitted that he falsely recorded his time since 2005. Mr. [Redacted] previously worked on the same contract at a facility without [redacted]; therefore the IC IG has no record of his time at work prior to 15 Feb 2012. Mr. [Redacted] charged approximately 8.8 hours per week which he did not work over 25 weeks from 1 January 2005 through 15 Feb 2012. An average of 8.8 hours per week from January 2005 through 15 February 2012, equates to approximately 3,282.4 hours which is an estimated loss of $410,300 (without accounting for rate adjustments).

"Minimization Procedures [for Open Browser Tabs on Government Computers]"

In May 2013. the IC IG Investigations Division obtained additional AIN records of sexual chat. We found that [redacted] began using AIN for sex chat in May 2010 and continued on a near daily basis until his removal ODNI facilities on July 18, 2013, under the direction of agency security officials.

[Redacted] often engaged in as many as 20 exchanges per day seeking sex partners. The majority of [redacted's] sex chat included attempts to establish after work sexual encounters, descriptions of desired sex acts and graphic descriptions of his genitalia.

"Targeted Communications"

Upon discovery of information that [redacted] attempted to establish a sexual relationship with a possible minor residing in northern Virginia, this office referred the matter to the FBI, specifically the Northern Virginia Internet Crimes Against Children (ICAC) task force.

There's way too much fraud, misconduct, and criminal activity in these reports to fully cover here. The 264 pages [PDF] released to Leopold and Vice as the result of an FOIA lawsuit detail extramarital affairs involving supervisors and subordinates, unapproved telecommuting by contractors handling sensitive documents, and page after page of attendance fraud.

Multiple cases are included, most involving hundreds of hours and tens of thousands of dollars of unearned wages. The intelligence community has the big budget and all the manpower it wants, but it apparently doesn't have enough actual work to keep them all busy. Contractors have charged taxpayers for hours they never worked, running personal errands, moonlighting as university instructors, and tending their Farmville crops.

This is the direct result of the community's "collect it all" attitude. If some is good, more is better, and while budgets and staffing expand exponentially, lots and lots of tax dollars are spent paying contractors who aren't doing anything and plenty of other contractors engaged in IC busywork that contributes nothing to the nation's security and safety.

Permalink | Comments | Email This Story
]]>your-tax-dollars-fucking-aroundhttps://www.techdirt.com/comment_rss.php?sid=20161009/17565835757Fri, 7 Oct 2016 11:44:00 PDTSurprise: Intelligence Community Comes Out Against Congressional Plan To Weaken Intelligence OversightMike Masnickhttps://www.techdirt.com/articles/20161003/16550135698/surprise-intelligence-community-comes-out-against-congressional-plan-to-weaken-intelligence-oversight.shtml
https://www.techdirt.com/articles/20161003/16550135698/surprise-intelligence-community-comes-out-against-congressional-plan-to-weaken-intelligence-oversight.shtmlundermine the Privacy and Civil Liberties Oversight Board (PCLOB). But apparently, the Intelligence Community, in the form of Director of National Intelligence, James Clapper, is against this idea.

The PCLOB was initially created as part of the PATRIOT Act, but was basically given no real power. In 2007, Congress finally gave it a bit more power and independence, only to watch both the Bush and Obama administrations ignore it by not appointing anyone to the board. That finally changed in 2012 -- just in time for the Snowden leaks (though it has been without a chairperson, since the last one left earlier this year). The PCLOB then put out a scathing report about the NSA's mass surveillance on Americans under the Section 215 program, though it wasn't as concerned about PRISM and upstream collection under the Section 702 program. For years now, the PCLOB has supposedly been investigating surveillance under Executive Order 12333, which we've been told by insiders is the main program the NSA relies on for surveillance (the others just fill in the gaps).

A key part of the "reform" from Congress, beyond cutting funding, would be to limit the PCLOB to only reviewing surveillance on Americans, which would basically cut off its ability to study EO 12333.

We certainly found it concerning that Congress would seek to pull the rug out from under the PCLOB, but we certainly didn't expect James Clapper to agree with us. And yet...

The intelligence community "strongly opposes" part of the proposed legislation seeking to limit the jurisdiction of PCLOB to the privacy rights of Americans, and not foreigners, the letter, signed by Director of National Intelligence James Clapper, reads.

PCLOB is "uniquely situated" to give advice to spy agencies on how to respect global privacy interests, and limiting its authority "is a significant step backward from the reforms that the president has directed."

The letter apparently also suggests that President Obama would veto such a bill if it came across his desk. This is a bit of a surprise all around. At the very least, it does make you wonder how the House and Senate Intelligence Committees will continue to support the idea of undermining the PCLOB when not even the intelligence community itself is fine with it. Could it really be that the two Congressional committees in Congress in charge of "oversight" for the intelligence community want even less oversight than the intelligence community itself?

Permalink | Comments | Email This Story
]]>hmmmmhttps://www.techdirt.com/comment_rss.php?sid=20161003/16550135698Fri, 16 Sep 2016 06:23:11 PDTHouse Intel Committee Says Snowden's Not A Whistleblower, 'Cause He Once Emailed His Boss's BossMike Masnickhttps://www.techdirt.com/articles/20160915/17000035532/house-intel-committee-says-snowdens-not-whistleblower-cause-he-once-emailed-his-bosss-boss.shtml
https://www.techdirt.com/articles/20160915/17000035532/house-intel-committee-says-snowdens-not-whistleblower-cause-he-once-emailed-his-bosss-boss.shtmlmassive campaign asking President Obama to pardon Ed Snowden. You can check it out here and sign the petition. There have also been a bunch of high profile op-eds and endorsements from a wide variety of people -- from former intelligence officials to human rights groups and more. The campaign was obviously timed to coincide with the release of Oliver Stone's new movie, Snowden.

Apparently also timed with the release of the movie, the House Intelligence Committee has released a "report" that they claim they spent two years writing, detailing why they believe Snowden is no whistleblower. They've released an unclassified three page "executive summary" that is, at best, laughable. Honestly, if this is the best that the House Intel Committee can put together to smear Snowden, they must have found nothing bad. I mean, it's the stupidest stuff: like that he once got into a dispute with his boss over some software updates at work and (*gasp*) emailed someone higher up the chain, for which he got reprimanded:

If you can't read that, it says:

Third, two weeks before Snowden began mass downloads of classified documents, he was reprimanded after engaging in a workplace spat with NSA managers. Snowden was
repeatedly counseled by his managers regarding his behavior at work. For example, in June
2012, Snowden became involved in a fiery e-mail argument With a Supervisor about how
computer updates should be managed. Snowden added an NSA senior executive several levels
above the supervisor to the e-mail thread, an action that earned him a swift reprimand from his
contracting officer for failing to follow the proper protocol for raising grievances through the
chain of command. Two weeks later, Snowden began his mass downloads of classified
information from NSA networks. Despite Snowden's later claim that the March 2013
congressional testimony of Director of National Intelligence James Clapper was a "breaking
point" for him, these mass downloads predated Director Clapper's testimony by eight months.

First of all, the inclusion of the email dispute is just... weird. I mean, people have email disputes with co-workers all the time. Is that really a sign that you're not a whistleblower, or that you're just "disgruntled?" If that's really the "dirt" that they dug up on Snowden after two years of research, they really must have nothing that actually sticks.

Oh, and also, as Snowden himself notes, this all kinda works against their point, because it shows that trying to blow the whistle up the chain is... met with reprimands.

@Snowden That doesn't say good things about going through "proper channels" at NSA. Not sure they understand how this hurts their case.

Of course, the point that they're really getting at is the second half of that paragraph -- where they claim that he began the downloads way before James Clapper's infamous lie to Senator Ron Wyden. But, again, Snowden points out that they're being totally misleading here (and it must upset the House Intelligence Committee to no end that Snowden is free and able to use Twitter to debunk their claims), because, as has been previously reported in great detail, Snowden was assigned to move a bunch of documents between systems. The "downloading" they're talking about was his job.

@Snowden HEARTBEAT, which seems to be the source of their 1.5m number, was explicited authorized by two levels of my management. I built it.

In other words, yes, he touched 1.5 million documents. Because he was told to as a part of his job. It's been more than two years since James Clapper himself admitted that Snowden didn't actually take all of those. That's just the number he "touched" because his job was to move those documents to a different system. Snowden took a much smaller subset, and now they're claiming that him doing his job was him taking the docs.

The report also trots out the usual "harm to national security." We've been hearing this ever since the first leak... and yet no one ever has any evidence to support this. It's the bogeyman argument. And yet, here it is again:

If you can't read that, it says:

First, Snowden caused tremendous damage to national security, and the vast
majority of the documents he stole have nothing to do with programs impacting individual
privacy interests-they instead pertain to military, defense, and intelligence programs of
great interest to America's adversaries. A review of the materials Snowden compromised
makes clear that he handed over secrets that protect American troops overseas and secrets that
provide vital defenses against terrorists and nation-states. Some of Snowden's disclosures
exacerbated and accelerated existing trends that diminished the IC's capabilities to collect
against legitimate foreign intelligence targets, while others resulted in the loss of intelligence
streams that had saved American lives. Snowden insists he has not shared the full cache of 1.5
million classified documents with anyone; however, in June 2016, the deputy chairman of the
Russian parliament's defense and security committee publicly conceded that "Snowden did share
intelligence" with his government. Additionally, although Snowden's professed objective may
have been to inform the general public, the information he released is also available to Russian,
Chinese, Iranian, and North Korean government intelligence services; any terrorist with Internet
access; and many others who wish to do harm to the United States.

The full scope of the damage inflicted by Snowden remains unknown. Over the past
three years, the IC and the Department of Defense (DOD) have carried out separate reviews--with differing methodologies--of the damage Snowden caused. Out of an abundance of caution, DOD reviewed all 1.5 million documents Snowden removed. The IC, by contrast, has carried
out a damage assessment for only a small subset of the documents. The Committee is concerned
that the IC does not plan to assess the damage of the vast majority of documents Snowden
removed. Nevertheless, even by a conservative estimate, the U.S. Government has spent
hundreds of millions of dollars, and will eventually spend billions, to attempt to mitigate the
damage Snowden caused. These dollars would have been better spent on combating America's
adversaries in an increasingly dangerous world.

Note that after a lot of hand-waving, the only actual damage they can even come close to quantifying is the amount of money the US government spent trying to close the barn doors -- i.e., investigate what Snowden had taken and make sure that others couldn't do the same. That's not Snowden's fault. That's very much blaming the messenger. Also, if the US government wasn't illegally spying on Americans, it wouldn't have been an issue. It seems worth noting that key point.

And, again, the report continues to point to the 1.5 million number, despite the fact that it's already been debunked. Again, the reason Snowden moved 1.5 million docs was because that was part of his job -- that wasn't the amount taken. The reason that the Intelligence Community isn't investigating all of those docs is because it has said that Snowden didn't take all of them. Why is the House Intelligence Committee bitching about that?

As for the Russian Parliament member claiming that Snowden shared secrets with Russia, Snowden himself notes that they're misquoting what was said, and that the guy had prefaced his statement by nothing that it was speculation on his part, rather than confirmed fact. You'd think that the House Intel Committee wouldn't go around trading in mere speculation.

As for the claims that "the information he released is also available to Russian, Chinese, Iranian, and North Korean government intelligence services" is also pretty ridiculous. I mean, the documents that have been released (not all of them, and the ones that have been have included redactions) have been placed on the internet, where anyone can read them. The statement about the Russians, Chinese, Iranians, North Koreans and terrorists having access to them is basically the equivalent of "these people have the internet." Yeah, so?

Next on the docket, the House Intel Committee claims that Snowden's not a whistleblower because he (1) didn't go through proper channels (2) he left the country and (3) the NSA surveillance program was all perfectly legal.

If you can't read that, it says:

Second, Snowden was not a whistleblower. Under the law, publicly revealing
classified information does not qualify someone as a whistleblower. However, disclosing
classified information that shows fraud, waste, abuse, or other illegal activity to the appropriate
law enforcement or oversight personnel--including to Congress--does make someone a
whistleblower and affords them with critical protections. Contrary to his public claims that he
notified numerous NSA officials about what he believed to be illegal intelligence collection, the
Committee found no evidence that Snowden took any official effort to express concerns about
U.S. intelligence activities--legal, moral, or otherwise--to any oversight officials within the
U.S. Government, despite numerous avenues for him to do so. Snowden was aware of these
avenues. His only attempt to contact an NSA attorney revolved around a question about the
legal precedence of executive orders, and his only contact to the Central Intelligence Agency
(CIA) Inspector General (IG) revolved around his disagreements with his managers about

Let's stop right there to respond to this load of nonsense. First of all, hiding behind the very technical, narrow legal definition of whistleblower is pretty ridiculous compared to the actual definition that most people use. Snowden revealed a program that involved mass surveillance on nearly all Americans, a program that the intelligence community had directly and officially denied existed. It was, in fact, a program that, from a plain reading of the law, should not exist, and the only way in which it did and could exist was if the government reinterpreted the law, in secret, to mean something completely different. That's pretty clearly whistleblowing. And the fact that the public has spoken out in support of him so much suggests that many people believe this as well.

And that doesn't even mention the fact that after this Congress changed the law to further clarify what the NSA could actually do. In other words, Congress seems to agree that what Snowden did was in the public interest. Even former Attorney General Eric Holder has admitted as much.

And, of course, the claims about "the proper channels" is ridiculous as well. We've written many, many times on what happens to individuals who go through the "proper channels." It often ends with them being put in jail on trumped up charges. Oh, and Snowden, as a contractor rather than gov't employee, had no whistleblower protections under the law anyway. Going through the "proper channels" gets you marked as a troublemaker, and that often leads to more scrutiny and questionable raids... and jail time. And, as if to confirm all this, the guy that Snowden could have reached out to as the "proper channel" had already mocked Snowden and attacked him, so it's not as if that would have been a useful route.

The Committee tries to brush off this concern with the "proper channels" but fails in doing so:

Despite Snowden's later public claim that he would have faced retribution for voicing
concerns about intelligence activities, the Committee found that laws and regulations in effect at
the time of Snowden,s actions afforded him protection. The Committee routinely receives
disclosures from IC contractors pursuant to the Intelligence Community Whistleblower
Protection Act of 1998 (IC WPA). If Snowden had been worried about possible retaliation for
voicing concerns about NSA activities, he could have made a disclosure to the Committee. He
did not. Nor did Snowden remain in the United States to face the legal consequences of his
actions, contrary to the tradition of civil disobedience he professes to embrace. Instead, he fled to
China and Russia, two countries whose governments place scant value on their citizens' privacy
or civil liberties-and whose intelligence services aggressively collect information on both the
United States and their own citizens.

Again, this is wrong. The Whistleblower Act does not actually extend its protections to contractors, and given how the Committee is reacting to Snowden to this day, does anyone actually think they would have done anything if he had approached them -- other than maybe alerting top intel community officials that they had a troublemaker in their midst? As for the claim that Snowden didn't stay in the US to face the "legal consequences," again, is it any wonder why? He knew what had happened to people like Thomas Drake, who the feds tried to put in jail for 35 years because he had a (mistakenly) classified meeting agenda at his home -- a home that was only raided because Drake had blown the whistle on another program. He'd seen what happened to Chelsea Manning, held in solitary confinement for leaking documents to Wikileaks. He'd seen what happened to countless others.

The very fact that Snowden is free today and able to tweet responses to this ridiculous smear campaign shows exactly why he didn't choose to stay in the US where they would have locked him up and thrown away the key.

To gather the files he took with him when he left the country for Hong Kong, Snowden
infringed on the privacy of thousands of govemment employees and contractors. He obtained
his colleagues, security credentials through misleading means, abused his access as a systems
administrator to search his co-workers, personal drives, and removed the personally identifiable
information of thousands of IC employees and contractors. From Hong Kong he went to Russia,
where he remains a guest of the Kremlin to this day.

And yet, magically, none of that has ever become public. So, uh, it seems like maybe the major worries here were overblown.

It is also not clear Snowden understood the numerous privacy protections that govern the
activities of the IC. He failed basic annual training for NSA employees on Section 702 of the
Foreign Intelligence Surveillance Act (FISA) and complained the training was rigged to be
overly difficult. This training included explanations of the privacy protections related to the
PRISM program that Snowden would later disclose.

Now this seems to just be the Intelligence Committee scraping the bottom of the barrel again for anything to make Snowden look bad. Oooh, he failed the training program on PRISM. And, yet, that doesn't respond to the fact that there were all sorts of legitimate privacy concerns about PRISM and how it operates, and the program was kept entirely secret.

From there, the Committee goes into full scale playground taunting of Snowden, saying he's a "serial fabricator" because he may have exaggerated a few points:

If you can't read that, it says:

Fourth, Snowden was, and remains, a serial exaggerator and fabricator. A close
review of Snowden's official employment records and submissions reveals a pattem of
intentional lying. He claimed to have left Army basic training because of broken legs when in
fact he washed out because of shin splints. He claimed to have obtained a high school degree
equivalent when in fact he never did. He claimed to have worked for the CIA as a "senior
advisor," which was a gross exaggeration of his entry-level duties as a computer technician. He
also doctored his performance evaluations and obtained new positions at NSA by exaggerating
his resume and stealing the answers to an employment test. In May 2013, Snowden informed his
supervisor that he would be out of the office to receive treatment for worsening epilepsy. In
reality, he was on his way to Hong Kong with stolen secrets.

So, yeah. I mean, considering how much "fabricating" and "exaggerating" the House Intel Committee does in this whole report, it's a bit weak to argue that him exaggerating his leg problems is somehow proof of being a "serial fabricator." And, I'm sure that none of the members of the House Intel Committee has ever been caught "exaggerating" or "fabricating" information in their quest to get elected, right?

And, of course, Snowden claims they're mostly wrong about all of this anyway. The claim that he doctored a performance evaluation? Snowden notes that he actually reported a vulnerability.

The claim I "doctored performance evaluations?" This one is amazing: I reported an XSS (hacking) vulnerability in CIA annual review system.

The fact that he lied about why he was taking time off? I mean, come on. They must really be stretching for something to include that as a "lie." It was a deliberate move as part of his already determined plan to blow the whistle on these programs, not evidence of a pattern of lying.

In the end, the only proper way to read this report is in the context that Glenn Greenwald pointed out: if the House Intelligence Committee had done its oversight job of preventing mass surveillance on Americans, rather than acting as an enabler for the NSA, Snowden wouldn't have been a problem. The Committee's anger seems driven more by Snowden showing how complicit they were in failing to actually oversee the NSA:

If you don't want leaks, don't build a secret, illegal system of mass surveillance and then hide it and lie about it to the public.

Of course, along with this report, the Intel Committee has alsosent the White House a letter saying that it should not pardon Snowden, saying "Mr. Snowden is not a patriot. He is not a whistleblower. He is a criminal." It goes on to repeat many of the false claims from the report.

I get the feeling that history will treat Ed Snowden much more kindly than it will treat the cowardly members of the House Intel Committee who are now trying (and failing) to cover up their own failures as overseers.

Permalink | Comments | Email This Story
]]>wait,-what?https://www.techdirt.com/comment_rss.php?sid=20160915/17000035532Thu, 15 Sep 2016 23:27:07 PDTCongressman In Charge Of OPM Hacking Report Announces Plan To Investigate Stingray Use NextTim Cushinghttps://www.techdirt.com/articles/20160911/20532135491/congressman-charge-opm-hacking-report-announces-plan-to-investigate-stingray-use-next.shtml
https://www.techdirt.com/articles/20160911/20532135491/congressman-charge-opm-hacking-report-announces-plan-to-investigate-stingray-use-next.shtml
Representative Jason Chaffetz, fresh off his bombshell report on the OPM hacking, is promising to drop another explosive report in the future. This one will deal with law enforcement's dirty little secret -- one that's not that much of a secret anymore.

The Stingray, a controversial cellphone tracking device used by the U.S. government and law enforcement, will be the subject of a forthcoming investigation from the House Oversight Committee, according to Committee Chairman Jason Chaffetz (R-Utah).

"You will be shocked at what the federal government is doing to collect your personal information," Chaffetz said on Wednesday morning. "And they can't keep it secure, that's the point."

It's a good point, one fresh in the mind of millions thanks to the just-delivered OPM report. The government appears willing to take security seriously if it means doling out tax dollars to dozens of agencies with cyberstars in their eyes and crafting bad legislation, but not so much when it comes to actually ensuring its own backyard is locked down.

Chaffetz was one of the legislators behind the 2015 attempt to turn the DOJ's Stingray guidance into law, laying down a warrant requirement for US law enforcement. Unfortunately, the bill went nowhere. Presumably, a thorough investigation into law enforcement use of this repurposed war tech might prompt more legislative cooperation in the future.

Chaffetz has done little to endear himself to security and law enforcement agencies since his arrival on the Hill. In addition to the failed Stingray warrant bill, Chaffetz also partnered with Ron Wyden to attempt to add a warrant requirement for law enforcement GPS tracking -- something the Supreme Court almost addressed in its US v. Jones decision.

He also made new friends with the Secret Service while grilling officials over an incident where drunken agents arrived on the scene of a "suspicious package" report in spectacular fashion, crashing the vehicle they were driving into a White House barricade. Almost as soon as the hearing had begun, Secret Service employees were accessing Chaffetz's personal info (generated by his attempt to join the Secret Service in 2003), hoping to find something embarrassing they could use to discredit him.

This new report will further alienate law enforcement agencies and personnel, starting with the FBI -- which has acted as Stingray Overlord since the introduction of the equipment -- and trickling all the way down to the local level, where agencies have relied on secrecy, lies, and case dismissals to keep information about the cell phone-tracking devices from being made public.

Permalink | Comments | Email This Story
]]>a-stingray-stinghttps://www.techdirt.com/comment_rss.php?sid=20160911/20532135491Wed, 20 Jul 2016 14:45:28 PDTKudos To Senator Leahy: Fighting To Keep Privacy & Civil Liberties Board From Being HobbledMike Masnickhttps://www.techdirt.com/articles/20160720/01020435016/kudos-to-senator-leahy-fighting-to-keep-privacy-civil-liberties-board-being-hobbled.shtml
https://www.techdirt.com/articles/20160720/01020435016/kudos-to-senator-leahy-fighting-to-keep-privacy-civil-liberties-board-being-hobbled.shtmlwrong on copyright issues for years, he's actually quite good on a number of other issues that are of interest to us here at Techdirt. In particular, he's been a strong supporter of civil liberties on the internet and protecting the 4th Amendment (it's unfortunate that he doesn't see how his desired copyright policies might undermine some of that, but that's another post for another day). Thankfully, his latest move is to push back against a plan by the Senate and House Intelligence Committees to strip the federal government's Privacy and Civil Liberties Board (PCLOB).

The letter calls out the "pattern" that has been put in place by both the House and Senate Intelligence Committees to one by one by one strip powers from the PCLOB. After giving a bunch of examples of this playing out, with the language stripping the powers being agreed upon in secret (of course), Leahy notes:

The PCLOB has served a valuable role in reviewing government surveillance programs and recommending reforms that have largely been implemented by the executive branch. It is particularly inappropriate to debate and report legislation in a closed markup that is designed to diminish the authority of a public, independent oversight board. Congress should b enhancing its role, not undercutting it.

It then asks them to remove these PCLOB-undermining provisions from the intel re-authorization bill. Of course, Feinstein and Burr want to hobble the PCLOB because they've long been cheerleaders for widespread surveillance, and have actively fought against any real or significant oversight. There's a reason why these riders undermining the PCLOB keep showing up, and it's because Senators like Feinstein and Burr are deliberately trying to protect the intelligence community from oversight. So unless some bigger force comes along, it's doubtful this letter will have much of a direct impact. But, even so, kudos to Leahy for sending the letter as a starting point. Hopefully he follows through and continues to keep the pressure up.

Permalink | Comments | Email This Story
]]>keep-at-ithttps://www.techdirt.com/comment_rss.php?sid=20160720/01020435016Fri, 1 Jul 2016 12:47:33 PDTLeak Reveals Secret FBI Guidelines That Basically Give Them Free Rein To Spy On Journalists And SourcesMike Masnickhttps://www.techdirt.com/articles/20160630/22545434874/leak-reveals-secret-fbi-guidelines-that-basically-give-them-free-rein-to-spy-journalists-sources.shtml
https://www.techdirt.com/articles/20160630/22545434874/leak-reveals-secret-fbi-guidelines-that-basically-give-them-free-rein-to-spy-journalists-sources.shtmllawsuit filed by the Freedom of the Press Foundation seeking to get a copy of the DOJ's infamous new rules for spying on journalists. The new rules came about after it had come out that the DOJ had spied on Associated Press reporters as well as lied to a court to claim that Fox News reporter James Rosen was a co-conspirator in a leak investigation. To date, the DOJ has steadfastly refused to reveal the rules.

Thankfully, someone has now leaked the rules, or at least the 2013 version of some of the rules, which show that, contrary to what then Attorney General Eric Holder had suggested, it's still ridiculously easy for the FBI to spy on reporters and their sources in trying to hunt down a leak. In fact, it appears that these rules, around the use of NSLs are actually separate from the rules that Holder was talking about -- meaning that there's an entirely separate path for the DOJ to spy on journalists. The rules show that the FBI can just issue a National Security Letter (NSL), the mechanism that the FBI has been known to regularly abuse without consequence and which it's trying to expand. The "process" by which the media is supposedly protected under these new rules is that if someone in the DOJ is seeking an NSL to get phone records of someone in the media, they need to get some permission from someone else in the DOJ first:

This is the fox watching the henhouse. These are not restrictions, these are just the DOJ getting to ask itself if it really wants to spy on these journalists, and the DOJ telling itself "sure, go ahead." There's a further exception that if someone is a member of the media, but the FBI "suspects" they're an intelligence officer or affiliated with a foreign intelligence service, "no additional approval requirements" are needed. So, as with the Rosen case, the FBI can just declare him a "co-conspirator" and voila, no approval necessary.

As the Freedom of the Press Foundation explains in response to this leak, this completely undermines the claims by the DOJ that there were strict controls on spying on journalists:

First, the rules clearly indicate—in two separate places—that NSLs can specifically be used to conduct surveillance on reporters and sources in leak investigations. This is quite disturbing, since the Justice Department spent two years trying to convince the public that it updated its “Media Guidelines” to create a very high and restrictive bar for when and how they could spy on journalists using regular subpoenas and court orders. These leaked rules prove that the FBI and DOJ can completely circumvent the Media Guidelines and just use an NSL in total secrecy.

Second, the DOJ told the New York Times in 2013 that, despite NSLs being exempt from the media guidelines, they were still used under a “strict legal regime.” Well, the “strict legal regime” here is basically non-existent. The only extra step the FBI has to go through to spy on journalists with an NSL—besides the normal, lax NSL procedures, which they have flagrantly and repeatedly violated over the past decade—is essentially get the sign off of a superior in the Justice Department. That’s it! They don’t have to even go through the motions for following any of the several rules laid out in the DOJ media guidelines: like get the Attorney General to sign off, exhaust all other means of investigation, alerting and negotiating with the affected media organization, making sure what is being sought is essential to the investigation, etc.

There's a separate important question here too: why were these rules kept secret? There is no national security reason to keep this secret. It does not reveal anything that helps anyone avoid surveillance. As Freedom of the Press Foundation notes, it appears the only reason to keep this secret is to avoid the embarrassment.

The information that has been redacted here by the Justice Department – and which they are fighting to keep secret in court – is incredibly mundane. The fact that the FBI has to get another person in the bureaucracy to sign off on a particular investigation should not be a state secret, nor would it remotely harm any ongoing investigation, nor would “tip off” any alleged criminals to how to evade surveillance.

The only reason to keep these rules secret, it seems, is that it’s incredibly embarrassing for the FBI to admit that they can use NSLs in leak cases to go after journalists. The fact that the FBI and DOJ are keeping these rules is outrageous, and they should use this opportunity to officially release the rules—and any updates to them—immediately.

The Foundation is also planning to continue its lawsuit for two reasons. First, as mentioned in the quote above, it wants the DOJ to officially release the rules, and, more importantly, it believes that the rules may have been updated since these 2013 rules were published.

The whole thing, once again, shows just how ridiculous this administration has been concerning protecting the rights of journalists to talk to confidential sources. "The most transparent administration in history" once again seems to be the exact opposite. Undermining the freedom of the press and spying on reporters and their sources is shameful. It's the activity of tyrants and insecure dictators, not democratically elected governments.

Permalink | Comments | Email This Story
]]>not-cool,-dojhttps://www.techdirt.com/comment_rss.php?sid=20160630/22545434874Fri, 10 Jun 2016 12:38:21 PDTCommunications Show GCHQ's 'Oversight' Talking Itself Out Of Performing Any Sort Of OversightTim Cushinghttps://www.techdirt.com/articles/20160606/11353534641/communications-show-gchqs-oversight-talking-itself-out-performing-any-sort-oversight.shtml
https://www.techdirt.com/articles/20160606/11353534641/communications-show-gchqs-oversight-talking-itself-out-performing-any-sort-oversight.shtml
New documents obtained by Privacy International as a result of its ongoing litigation over GCHQ bulk surveillance shows (yet again) there's really no such thing as "oversight" when it comes to spying. Owen Bowcott of The Guardian highlights conversations between GCHQ and its supposed oversight, in which the former talks the latter out of applying more restrictive guidelines from updated laws to its massive data intake. (Unfortunately, Bowcott discusses the documents but does not link to them, and I have been unable to locate these at Privacy International's website.Found 'em.)

The letters were sent by Home Office legal advisers, GCHQ and Sir Swinton Thomas, who was the interception of communications commissioner. The organisation is now called the Interception of Communications Commissioner’s Office (IOCCO).

In May 2004, a Home Office legal adviser wrote to Thomas backing an MI5 proposal that collecting bulk data from communication service providers for its “database project” be authorised under section 94 of the 1984 Telecommunications Act because, at that stage, there were no human rights implications or breach of privacy concerns. Using that act would not require a notice to be put before parliament because it could be used secretively on the grounds that “disclosure of the direction would be against the interests of national security”.

Thomas briefly tried to act as an overseer, suggesting the GCHQ would be on firmer legal footing if it applied a more-updated law to its collection practices: the Regulatory of Investigatory Powers Act of 2000. Because this newer law contained more procedural safeguards and additional transparency requirements, GCHQ was obviously uninterested in applying this to its bulk collections.

The UK Home Office got involved at this point, claiming the newer law was not really a law at all, but collated stack of suggestions.

The Home Office responded, saying that, although Ripa might be engaged, it did not think that meant it must be used. The letter continued: “The only practical difference between the two sets of provisions is if [Ripa] were used, a new notice would need to be issued every month … involving a fresh consideration of the necessity and proportionality issues. This would not be the case under section 94 [of the Telecommunications Act].”

Yeah, why bother periodically reassessing "necessity and proportionality" of orders when you can issue one order and have it apply indefinitely? GCHQ also expressed its concern about using the new law, saying it wanted to keep all of its collections in one big pile, even if that meant intermingling minimized and unminimized data.

Its oversight reluctantly agreed.

Thomas backed down, replying that, “on reconsideration”, use of Ripa was not mandatory. He added: “I am also impressed by the considerable and, if possible to be avoided, inconvenience in following the [Ripa] procedure in the database procedures.”

And, just like that, any protections UK citizens might have gained from the 2000 version of RIPA were waved away in the interest of bulk collection convenience. This conversation every appearance of someone raising an issue in hopes of being talked out of it and expressing relief when this was accomplished. For UK citizens, this meant that GCHQ could collect both minimized data (anonymized by stripping of identifying info) and unminimized data and mix it all together in its storage, thereby nullifying the protective minimization methods.

It is, as Privacy International states, a "total failure" of oversight. There's no evidence that the Home Office or the IOCCO ever acted in an adversarial fashion. Both appear to have cut GCHQ as much slack as it needed to avoid having to adhere to an updated law written explicitly to regulate investigatory powers. Instead, they both allowed GCHQ to avail itself of lower legal requirements by applying a 20-year-old law -- one that could not have possibly anticipated the exponential surveillance growth in the intervening years -- to its post-2001 bulk surveillance.

Permalink | Comments | Email This Story
]]>so... what do you spies think we should do about all this spying?https://www.techdirt.com/comment_rss.php?sid=20160606/11353534641